Posted on 09/29/2014 11:22:24 AM PDT by Utilizer
The Shellshock vulnerability in the commonly used Bash command line interpreter shell is likely to require more patches, as security researchers continue to unearth further problems in the code.
Google security researcher Michal "lcamtuf" Zalewski has disclosed to iTnews that over the past two days he has discovered two previously unaddressed issues in the Bash function parser, one of which is as bad as the original Shellshock vulnerability.
"The first one likely permits remote code execution, but the attack would require a degree of expertise to carry out," Zalewski said.
"The second one is essentially equivalent to the original flaw, trivially allowing remote code execution even on systems that deployed the fix for the initial bug," he added.
Common vulnerabilities and exposures numbers CVE-2014-6277 and CVE-2014-6278 have been assigned to the vulnerabilities.
(Excerpt) Read more at itnews.com.au ...
(Note that the timestamp is in the Australian timezone)
Oy vey!
“At first sight, the potential for remote exploitation should be limited to CGI scripts that start with #!/bin/bash and to several other programs that explicitly request this particular shell. But there’s a catch: on a good majority of modern Linux systems, /bin/sh is actually a symlink to /bin/bash!
“This means that web apps written in languages such as PHP, Python, C++, or Java, are likely to be vulnerable if they ever use libcalls such as popen() or system(), all of which are backed by calls to /bin/sh -c '...'. There is also some added web-level exposure through #!/bin/sh CGI scripts, <!--#exec cmd="..."> calls in SSI, and possibly more exotic vectors such as mod_ext_filter.
“For the same reason, userland DHCP clients that invoke configuration scripts and use variables to pass down config details are at risk when exposed to rogue servers (e.g., on open wifi). A handful of MTAs, MUAs, or FTP server architectures may be also of concern - in particular, there are third-party reports of qmail installations being at risk.”
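An added example, not part of any post in this thread: an inventory check for the exposure the quoted passage describes, listing scripts whose interpreter is bash either directly or because the sh they name is a symlink to bash. The function names and the sample tree are constructed for illustration, and `readlink -f` (GNU coreutils) is assumed.

```shell
#!/bin/sh
# Added example: list scripts under a directory that end up interpreted by bash,
# either directly or because the "sh" they name is a symlink to bash.
# Assumes readlink -f (GNU coreutils). Function names are hypothetical.

# resolves_to_bash PATH: true if PATH, after following symlinks, is a file named bash.
resolves_to_bash() {
    target=$(readlink -f "$1" 2>/dev/null) || return 1
    [ -e "$target" ] && [ "$(basename "$target")" = bash ]
}

# shebang_interp FILE: print the interpreter named on FILE's "#!" line
# (for "#!/usr/bin/env NAME", print NAME). Fails if there is no shebang.
shebang_interp() {
    first=
    IFS= read -r first < "$1" || [ -n "$first" ] || return 1
    case $first in '#!'*) ;; *) return 1 ;; esac
    set -f                      # no globbing while splitting the line
    set -- ${first#'#!'}
    set +f
    [ $# -gt 0 ] || return 1
    case ${1##*/} in
        env) [ -n "${2:-}" ] && printf '%s\n' "$2" ;;
        *)   printf '%s\n' "$1" ;;
    esac
}

# audit_dir DIR [SH_PATH]: print "file<TAB>interpreter" for each bash-backed script.
audit_dir() {
    sh_path=${2:-/bin/sh}
    find "$1" -type f | while IFS= read -r f; do
        interp=$(shebang_interp "$f") || continue
        case ${interp##*/} in
            bash) printf '%s\t%s\n' "$f" "$interp" ;;
            sh)   if resolves_to_bash "$sh_path"; then
                      printf '%s\t%s (-> bash)\n' "$f" "$interp"
                  fi ;;
        esac
    done
}

# Constructed sample tree: a fake bin/ where sh -> bash, and three CGI scripts.
demo=$(mktemp -d)
mkdir "$demo/bin" "$demo/cgi"
: > "$demo/bin/bash"; ln -s bash "$demo/bin/sh"
printf '#!/bin/bash\n'       > "$demo/cgi/status.cgi"
printf '#!/bin/sh\n'         > "$demo/cgi/ping.cgi"
printf '#!/usr/bin/python\n' > "$demo/cgi/form.cgi"
audit_dir "$demo/cgi" "$demo/bin/sh"
rm -rf "$demo"
```

On a real host, pass the directory to audit as the first argument and leave the second at its default of /bin/sh.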
ping...
Sloppy Web Site builders making it crap for everyone
I understand that one of the machines at work has bash, and probably most Macs do.
But I also understand that if users haven’t changed the default security settings of their machines, and many (most?) users probably haven’t, then you’ve still got safety nets.
Insights welcome.
For the most part, if you're not running a webserver, this isn't really an issue for you. You should go ahead and patch anyway, but there is no real urgency.
The vast majority of users don't have to worry about this bug on their own systems, except where the rogue DHCP servers come in.
I looked about and couldn’t find any info but I was wondering how the Shellshock situation came about in the first place. Was it just bad/sloppy coding/design, a problem with the compiler, or something else?
Previous post when we started discussing it here:
http://www.freerepublic.com/focus/f-chat/3209096/posts
Thanks, but that’s a link to this thread.
Oops, sorry, let me re-look it up then...
I must run, but here are two previous threads that might help with some background:
1. http://freerepublic.com/focus/f-chat/3182001/posts
2. http://freerepublic.com/focus/f-chat/3142152/posts
Hope that helps. :)
I honestly have no clue how any work gets done on a modern OS, just boggles my mind there are so many moving parts.