South West Makers

A maker forum
https://forum.swmakers.org/

ShellShock

https://forum.swmakers.org/viewtopic.php?f=4&t=75

Page 1 of 1

ShellShock

Posted: Thu Sep 25, 2014 8:45 pm
by BeJay
Well it would seem that my pi that hasn't been updated for ages it not susceptible to "ShellShock" vun:

Code: Select all

pi@backyardpiradio ~ $ uptime
 20:43:36 up 375 days,  2:03,  1 user,  load average: 0.41, 0.26, 0.24
pi@backyardpiradio ~ $ env X="() { :;} ; echo busted" /bin/sh -c "echo stuff"
stuff
pi@backyardpiradio ~ $


but the missus is in trouble with her MAC ;)

Image

Now is a good time for those out there in maker land to update your stuff ;)

Check out TroyHunt's post: http://www.troyhunt.com/2014/09/everything-you-need-to-know-about.html#.VCPgs8alqtM.twitter

Cheers

Bj

Re: ShellShock

Posted: Mon Oct 27, 2014 5:26 pm
by Jubbp
Hey BJ,

Have you tested this after the recent updates?

I'll have to give this a go when home later

PJ

Re: ShellShock

Posted: Tue Oct 28, 2014 5:54 pm
by BeJay
Yes it was patched in the latest Mavericks release, and of course the "all new" Yosemite.

A quirky little bug that took a long time to patch. It really only affects web servers, but CUPS runs on port 631 on a MAC so was natively available as a web interface which was exploited early IIRC.. Anyway the coast seems to be clear until someone finds something else!

Re: ShellShock

Posted: Tue Oct 28, 2014 9:06 pm
by parkview
coast is clear? Now we have to patch the Poodle!

I love these names they give to them.
All times are UTC+08:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/