"Shellshock" bash bug
Colin Law
clanlaw at gmail.com
Sat Sep 27 06:45:50 UTC 2014
On 27 September 2014 01:33, Gene Heskett <gheskett at wdtv.com> wrote:
> On Friday 26 September 2014 17:50:25 Colin Law did opine
>> ...
>> It seems however that my initial assumption is correct, that if they
>> cannot login as they do not have the key then they cannot exploit the
>> vulnerability.
>
> We are being told by the finders that no login is needed.
True, it seems that web server and dhcp can also be attacked, however
since only port 22 is open and dhcp is from my router then it seems I
am safe, provided the router is clean.
Cheers
Colin
More information about the ubuntu-users
mailing list