<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">I have just found that my Ubuntu 14.04
LTS installation is vulnerable to the Shellshock Bash
vulnerability. Patching my Ubuntu 14.04 LTS installation now.<br>
<br>
$ sudo apt-get update<br>
$ sudo apt-get upgrade<br>
<br>
<pre class="moz-signature" cols="72">--
Yours sincerely,
Teo En Ming
Singapore
</pre>
<br>
<br>
On 27/09/2014 00:04, Teo En Ming wrote:<br>
</div>
<blockquote cite="mid:54258E83.2010303@gmail.com" type="cite">
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
<div class="moz-cite-prefix">I have already made sure that my
cPanel server is safe from the Shellshock Bash vulnerability.
Now I am trying to confirm my wireless router is safe from the
shellshock bug, which is also based on Linux.<br>
<br>
Link for further reading: <br>
<br>
<a moz-do-not-send="true" class="moz-txt-link-freetext"
href="http://seclists.org/snort/2014/q3/976">http://seclists.org/snort/2014/q3/976</a><br>
<br>
Thanks for the information.<br>
<br>
<pre class="moz-signature" cols="72">--
Yours sincerely,
Teo En Ming
Singapore
</pre>
<br>
<br>
On 26/09/2014 23:43, Kevin O'Gorman wrote:<br>
</div>
<blockquote
cite="mid:CAGVXcSb+Yrhpv3X_D+iepfAPLA-oPcOJ2a4Sh2L5wXb0Qu0t+w@mail.gmail.com"
type="cite">
<div dir="ltr">
<div>
<div>
<div>There has been a code-injection vulnerability in bash
for the last 22 years, recently discovered and named
"Shellshock". It's nasty. <a moz-do-not-send="true"
href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271">http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271</a><br>
<br>
</div>
Here's a quick one-liner to see if you're vulnerable:<br>
$ env x='() { :;}; echo vulnerable' bash -c "echo this is
a test"<br>
vulnerable<br>
this is a test<br>
$<br>
<br>
</div>
If you get that result, update your bash from the
repositories, and all should be well:<br>
$ env x='() { :;}; echo vulnerable' bash -c "echo this is a
test"<br>
bash: warning: x: ignoring function definition attempt<br>
bash: error importing function definition for `x'<br>
this is a test<br>
$<br>
<br>
</div>
Safe computing to all<br>
<div>
<div>
<div>
<div><br clear="all">
<div>
<div>
<div><br>
-- <br>
<div dir="ltr">Kevin O'Gorman<br>
</div>
<div>#define QUESTION ((bb) || (!b)) /*
Shakespeare */<br>
<br>
</div>
<div dir="ltr"><span
style="line-height:normal;font-variant:normal;font-size:10pt;font-style:normal;font-weight:normal"><span
style="line-height:normal;font-variant:normal;font-size:10pt;font-style:normal;font-weight:normal"></span></span>
<table cellpadding="0" cellspacing="0"
border="0" width="448">
<tbody>
<tr>
<td width="25"><img
src="cid:part3.01000504.01080207@gmail.com"
height="21" width="25"></td>
<td width="423"><span
style="font-family:Verdana,Geneva,sans-serif;color:rgb(0,153,0);margin-left:5px;font-size:10px">Please
consider the environment before
printing this email.</span></td>
</tr>
</tbody>
</table>
<br>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
</blockquote>
<br>
<br>
</blockquote>
<br>
<br>
<pre class="moz-signature" cols="72">
</pre>
</body>
</html>