Bash Remote Exploit (https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-v
- Thread starter Deleted
- Start date
DomainBop
Dormant VPSB Pathogen
Patches available for CentOS 5/6/7 as well
http://centosnow.blogspot.com/2014/09/critical-bash-updates-for-centos-5.html
http://centosnow.blogspot.com/2014/09/critical-bash-updates-for-centos-5.html
drmike
100% Tier-1 Gogent
What happened boss? Someone prune your message due to perception of it leading to a rm -rf 'ing of the interwebs?
According to http://seclists.org/oss-sec/2014/q3/650, yes.
I look forward to updating every server that runs bash... eh all of them.
Fortunately this doesn't seem to exploitable under standard server scenario's without a service which allows for the setting of environment variables to specific values (rare) such as SSH access. Atleast based on my understanding.
Update Time....
Fortunately this doesn't seem to exploitable under standard server scenario's without a service which allows for the setting of environment variables to specific values (rare) such as SSH access. Atleast based on my understanding.
Update Time....
Last edited by a moderator:
I would hold off until they release an update that patches the exploit. The recent update didn't fix it completely.
DomainBop
Dormant VPSB Pathogen
Puppet...
I also saw the unedited version and PoC shown there by OP was pretty harmless. In addition, bash isn't suid binary and running it on your account limits the damage to what you can access by yourself.
Kris
New Member
Yes, and due to stupidity we lost one of the bright members of the forum.
Good job, dumbass. (Looks at Martin)
Wintereise
New Member
While the fact that it wasn't much of a PoC was true, him flipping shit on it being removed largely based on a mistake is also a problem.
Well aren't you the smart little cookie.
Next time any code is thrown up as PoC I'll leave it well alone and we can all try it against your systems.
I'm not going to dance around and try any code myself or analyse it to see what it can and can't do. If there's an exploit out there and someone posts up PoC code in relation to it I'll remove it.
I see people are just using this as an opportunity to moan again despite people saying the same code is listed in the link from RH. Trying to protect the wider community and people throw their arms up, chuck their toys and dummies out of the pram and storm off. Diddums.
Aldryic C'boas
The Pony
A self-proclaimed guru of everything cries foul and lets slip the dogs of butthurt after a moderator censors part of his post. The road to hell is paved with good intentions indeed, but at *most* Martin's actions called for a response of "Not cool man, it wasn't actually an issue, let me show you why" - not a GVH dramatantrum. Props to Monk for not threatening to go grab a butter knife over the issue.. but "delete my account"? Did you forget that you're not in the daycare anymore? FFS man, most of your stories about your experience would place you being mid-30s or so - try acting like it.