Shellshock bug

Is no one curious about whether Apple is working on this?

If the issue concerns an older vintage obsolete Mac OS X and a former security
issue, bypassed through upgrade and updates over many years, I'd guess No.
However there is a new issue that re-uses an old name bug... of different nature.
I see this page, but wonder about its validity: (consumes resources to view)
http://www.imore.com/about-bash-shellshock-vulnerability-and-what-it-means-os-x
A new installation on a wiped hard drive would be a way to remove it from Mac.
Please define the system and hardware this issue is confined to; if you have it.
• What does the Shellshock bug affect?
http://www.thesafemac.com/?s=shellshock&submit=Search
http://www.thesafemac.com/what-does-the-shellshock-bug-affect/#more-1688
While I have Leopard on a few machines, I try to not install software from odd
places that are suspect. See if TheSafeMac has anything about it; email the
author of the site and ask him. http://www.thesafemac.com/tech-guides/
Good luck & happy computing!

Similar Messages

  • How to protect OSX against Shellshock bug?

    Is there a patch out already to protect against the just discovered Shellshock bug (which exploits bash)?

    Per Linc Davis, a user here who knows more about Unix than pretty much anyone else here:
    The issue only affects users who run a public server.
    From your post:
    my airport extreme just got hacked
    And what does your router have to do with the issue? Router poisoning has been known to exist for a long time, which has absolutely nothing to do with Bash, or your Mac. It's a problem with routers being shipped with remote management enabled in its settings. Reset the router, then go into the settings and disable remote access.

  • ISA500 series and Shellshock bug

    Hello,
    Would the shellshock bug be corrected with a new firmware for the ISA500 series?
    It would be nice, even if the support ends in November 14.
    And to correct the VPN issue at the same time. It's boring to reboot the device every 2-3 weeks while all tunnels fail.

    Hi,
    For up-to-date information on products affected by 'Shellshock', please see the official Security Advisory at the following link:
    http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash
    Please note the ISA500 is listed under 'Products Confirmed Not Vulnerable'. 
    Thanks,
    Brandon

  • Both my MacMini and MacBook Air appear to be vulnerable to the shellshock bug. When will a patch be released?

    Both my MacMini and Macbook Air appear to be vulnerable to the Shellshock bug. When will a patch be released?

    Read http://arstechnica.com/apple/2014/09/apple-patches-shellshock-bash-bug-in-os-x-10-9-10-8-and-10-7/

  • Is the IX2 with firmware 3.2.X vulnerable to the Shellshock bug?

    Is the IX2 with firmware 3.2.X vulnerable to the Shellshock bug?

    An update was just released addressing this issue.
    LenovoEMC has released an updated version of LifeLine that incorporates fixes for the Shellshock issues. These fixes improve environment variable parsing in Bash and reset the Bash parser state. This update also includes other security updates and fixes.
    Linux Shellshock vulnerability

  • 1921 integrated services router possibly affected by ShellShock bug?

    Hi all,
    Can anyone advise if this device runs Linux or OSX based software?
    1900 series (1921) integrated services router
    I have been asked to check if this hardware is possibly at risk from the shellshock bug.
    Many thanks,
    James

    Hello:
    Please see the following link; it may answer your questions:
    http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash
    Carlos

  • Reg Nexus 5000 + 7000 software (Shellshock -bug )

    Hi people.
    Regarding this bug: Shellshock. What is the recommended software upgrade for Nexus 5000 & 7000?
    It is important that the VPC and FCoE is still working, after an upgrade.
    Need recommendation for following devices :
    Nexus 5000
    https://tools.cisco.com/bugsearch/bug/CSCur05017
    All current versions of NX-OS on this platform are affected unless 
    otherwise stated.. This bug will be updated with detailed affected and 
    fixed software versions once fixed software is available.
    Exposure is not configuration dependent.
    Authentication is required to exploit this vulnerability. 
    Nexus 7000
    https://tools.cisco.com/bugsearch/bug/CSCuq98748
    All current versions of NX-OS on this platform are affected unless 
    otherwise stated
    Exposure is not configuration dependent.
    Authentication is required to exploit this vulnerability.
    This bug is fixed in NX-OS versions specified below:
    5.2(9a)
    6.1(5a)
    6.2(8b)
    6.2(10) and above
    Is there anyone that has some information on this ?
    Many thanx in advance,

    Hello.
    Let me look into this for you. Do you have an existing support contract or SmartNet for these Nexus 5000 and 7000 switches, by the way?
    Let me know if you have other concerns as well or e-mail ([email protected]) me directly. 
    Kind regards. 

  • Is IPS SSM affected by the Shellshock bug?

    Does anybody know if only the independent IPS appliance is affected, or whether the IPS SSM installed on a Cisco ASA is also vulnerable?
    Thanks

    According to this, yes, it's vulnerable:
    https://tools.cisco.com/bugsearch/bug/CSCur00552

  • How to determine if my system was compromised by the shellshock bug?

    Is there any way to determine if my system was compromised / hacked? Is it enough to upgrade with "pacman -Syu" or should I reinstall the whole system?
    Last edited by Bailando (2014-09-29 15:24:02)

    The only way your system could have been compromised is if you or someone with access to your running system executed a Bash script that exploited the vulnerability. Which essentially means that in any instance in which a system was compromised by this bug (and I'm not aware of any cases where that's actually happened) the bug itself isn't the primary security flaw.
    Burning down your house because you suspect someone may have broken into it is ...well, I'm not sure there's a word to describe how extreme that response is relative to the threat. Especially if you're just going to rebuild the house and install the same locks you fear have failed you in the first place.
    Last edited by ANOKNUSA (2014-09-29 16:06:41)

  • HP hardware vulnerable to ShellShock bug?

    Hi all,
    I have been asked to check whether our HP hardware is affected in any way by the recent Bash vulnerability.
    We use the following HP hardware:
    E-MSM460 Access Point (ww)(J9591a) - Wireless Access Point
    ProCurve 2520G-24-POE (J9299A) - POE Switch
    ProCurve Switch 2510G-24 (J9279A) - Switch
    Can anyone advise whether these devices use any type of Linux or OSX based software?
    Many thanks,
    James.

    Hi,
    Please post your question on Business Support forum. HP rep at your country should tell you. I know we have many HP products in our halls (ie computer rooms) but I only talk with other vendors, not HP.
    Regards.
    BH

  • Shellshock Vulnerability

    Are any of the Adobe Creative Cloud services vulnerable to the Bash / Shellshock bug?

    The Cisco PSIRT is investigating the impact of this vulnerability on Cisco products and will disclose any vulnerabilities according to our security policy, which is available at http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html .
    An INTERIM Cisco Security Advisory was published on September 25th, 2014 and is available at the following URL:
    http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash
    The Cisco PSIRT will update this Cisco Security Advisory as more information becomes available.

  • Bash Shellshock

    ONE topic, TWO questions:
    Is Apple close to releasing a patch to protect OS X users from the Bash Shellshock exploit?
    Is there anything I can do by way of settings to protect my own machine, other than simply not launching the Terminal app?
    I am often in need of using SSH to access servers. I can do some (but not ALL) of the things I use Terminal for by other means, but it is slow and cumbersome, and I have business reasons for not wanting to be slow and cumbersome. My servers have already been patched. The Linux world has reacted very quickly to making this right. I have 4 Apple computers which represent a heavy investment in Apple products. I have also invested my reputation in Apple, recommending them to any of my clients who asks for my opinion. I actually had someone laugh at me yesterday.
    I searched this user forum for anything related to "shellshock" before posting this thread. Nothing came up. I am very surprised if nobody has asked this question yet. Hmmmmm........

    Ralph, thank you for the reply. I already knew that the OSF had released the patch. Like I said, both of my Linux servers have been patched. What I don't understand is why it is taking so long for Apple to push that out to its OS X users. The Linux world is huge. If OSF can push out the patch as quickly as they did, it seems to me like Apple should have been able to be just as quick. The only reason I can think of for the delay is that there is some kind of conflict involving the GNU license and Apple's integration of it into their proprietary operating system. If that's the case, then it seems like it is the lawyers that are getting in the way of what should be a fairly simple thing to fix.
    My Remote Login is set to "Off" by default, as are the rest of my Apple machines. Also, I am very careful with email attachments. BASH/Shellshock is wormable (http://blog.erratasec.com/2014/09/bash-shellshock-bug-is-wormable.html). Also by default, I never open something that I wasn't expecting in advance and my SPAM filters are set to "kill 'em all and let God sort 'em out", so I am very unlikely to open an attachment that would install a worm. Even so, I would like to know that Apple has taken steps so that I can get back to worrying about my business instead of worrying about my computers.
    I still think they are superior machines, but Apple's failure to deal with the problem as quickly and easily as the open source community was able to do so is a PR black eye; and the longer they wait to release a patch, the bigger and darker that black eye gets. If there truly is very little risk, then they should release a statement saying so, so that their user base can stop worrying about it. The silence is deafening, and it does nothing to settle anyone's fears. Apple's management are not stupid people, and the fact that they have NOT released such a statement supports the probability that there IS some risk. If there IS some risk, then WHY have they not dealt with it quickly? ......and again, since the fix is simple, we're back to the lawyers.....
    Steve Jobs would have never put up with this.

  • Solaris 10 & 11 Shellshock

    Has Oracle released any patches to Bash on Solaris 10 & 11 because of CVE-2014-6271?

    EDIT 2
    Hi Folks
    status for my workaround:
    1. my workaround runs under one of our notebooks sol11.2/x86 without probs
    /opt/csw/bin in front of all in the /etc/profile
    2.
    first sparc system: sol10 sparc U5 , cswbash was installed years ago as standard-shell global (except root - sh), so this was just an update for the installed cswbash by
    pkgutil -u bash
    second sparc system sol11.1/niagara had an installed cswbash, but not using it (was coming down via pkg dependency) - anyway, I put the path of csw-bin to front and made the cswupdate, running.
    third sparc system is a sol10zone on the sol11.1 sparc-system, installed csw-bash, procedure like the other 2 sparc systems, running
    3.
    so the only system which has problems by using my workaround is the other sol11.2/x86 notebook. If I use my workaround there, I cannot start gnome-terminal nor xterm etc. in the sol-GUI; remote-shell login via ssh is working, and opens a working csw-bash
    changing the $PATH environment didn't help, so I had to switch back to the original oracle-bash :-(
    If I am trying to start a gnome-terminal WITH the workaround, it looks like gnome-terminal is coredumping: the window opens for 1/2 sec, and closes without an error message.
    BTW
    There are MORE vulnerabilities in the bash, they talk at least about 3 major ones .......
    Hi raider,
    yes, I guess this is a solution.
    But:
    if u have installed
    pkgutil     ( Getting started — OpenCSW 0.2014.04 documentation )
    works very fine with x86/sparc s10/11.x
    on opencsw there is a patched version ready for install using pkgutil
    open at least before you begin 2 new shells , one as role root, if something goes wrong, that u have access to the system to reedit the changes, and one as normal user.
    have a look at http://www.opencsw.org/get-it/packages/
    sudo pkgutil -i bash
    just rename the original one in /usr/bin  to e.g. bash_ORIG_vunerable
    cd /usr/bin
    sudo mv bash bash_ORIG_vunerable
    and
    sudo ln -s /opt/csw/bin/bash /usr/bin/bash
    then
    sudo chmod -w /opt/csw/bin/bash
    then try in a new shell
    env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
    should return only
    this is a test
    and nothing with vulnerable
    it is important to all systems which are providing ANY KIND of service to the internet (mail, ssh, ntp http ftp etc, have a look at Hackers take advantage of Bash Shellshock bug as developers rush to patch- The Inquirer )
    hope this helps all with no CSI / contract
    PS: I do not understand why you need for such a heavy security-bug(s) (in the opensource bash which is used and provided by oracle sol + linux) a purchaseable contract ????
    And really we are using at home sol on 2 private samsung-notebooks (just doing things u do with a notebook) , and a old ultra 5 and a sun-fire/niagara (with 2 zones), doing all u need to do for an oceanographic studying (education as student) - NO commercial use at all.......
    b.r.
    ultrafire
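
The probe quoted in the post above, wrapped so it can be run against every bash binary on a system at once. This is an added example, not part of the original thread; the function names `check_bash` and `report_all` and the list of candidate paths are assumptions based on the paths the post mentions.

```shell
#!/bin/sh
# Added example: run the post's CVE-2014-6271 probe against each shell binary.

# check_bash PATH
#   prints one of: missing | vulnerable | patched | error
#   returns 0 only when the shell ignored the command smuggled into the variable.
check_bash() {
    shell_path=$1
    if [ ! -x "$shell_path" ]; then
        echo "missing"
        return 2
    fi
    # Same probe as in the post: x looks like an exported function definition
    # with an extra command after the closing brace. An unpatched bash runs
    # that extra command while importing its environment.
    probe_out=$(env x='() { :;}; echo vulnerable' \
        "$shell_path" -c 'echo this is a test' 2>/dev/null) || true
    case $probe_out in
        *vulnerable*)       echo "vulnerable"; return 1 ;;
        *"this is a test"*) echo "patched";    return 0 ;;
        *)                  echo "error";      return 3 ;;
    esac
}

# report_all PATH...
#   one line per candidate, so a renamed or second copy is not overlooked.
report_all() {
    for candidate in "$@"; do
        verdict=$(check_bash "$candidate") || true
        printf '%-32s %s\n' "$candidate" "$verdict"
    done
}

# Candidate paths (assumed): the stock location, the renamed original from the
# post (it stays executable after the rename, so anything calling it by path
# still reaches the old binary), and the OpenCSW build.
# "patched" here covers only this one probe; the further bash bugs the post
# mentions are not tested.
report_all /bin/bash /usr/bin/bash /usr/bin/bash_ORIG_vunerable /opt/csw/bin/bash
```
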

  • ShellShock Ard Agent - Altiris Agent

    Hi All,
    can ARD agent and Altiris agent be exploited using shellshock bug on an unpatched client?
    Thanks,
    Federico

    To exploit ShellShock the attacker has to gain unauthorized access to your system in a way that involves bash being in the execution path.
    For example a web server allows unauthorized users to access web pages, but for ShellShock the web server would need to provide server side CGI scripts, AND those CGI scripts would need to run bash scripts, or use bash to invoke the CGI script.
    Or the Mac would have to allow anonymous ssh logins (for example, a GitHub source code control system distribution server).  Not many users do this, and those that do are rather knowledgeable software developers, or Unix administrators.
    The final known vector is the Common Unix Printing System (CUPS) via the web interface, which on Mavericks is disabled by default, and would need to be enabled via a Terminal command line command with administrator authentication.
    All of the above are unlikely for the typical Mac user.
    And as far as I know ARD uses authentication to access the Mac clients. I would assume Altiris also requires authentication to access the Mac clients.  Otherwise those Mac clients have worse problems than ShellShock if fellow students could use ARD to access their classmate's systems.

  • Bacula-fd

    Worrying about the bash "shellshock" bug, I have taken my iMac off the network and checked for open ports.
    On OS 10.9.4, when I run netstat -atp tcp on the terminal, I see an unexpected entry for *.bacula-fd, which I never installed.
    Is bacula the back-end of Time Machine, or otherwise part of the OS? Or is it possibly malware?
    I have googled it, and what mostly comes up is instructions on how to install bacula on OSX, which worries me.
    Thanks!

    Full disclosure: I am a committer on the Bacula project (http://www.bacula.org/)
    bacula-fd is the client portion of the Bacula backup system: http://www.bacula.org/7.0.x-manuals/en/main/Client_File_daemon_Configur.html
    It is not related to Time Machine and is not part of the OS.
    It is not malware.
