Sonsivri
 
*
Welcome, Guest. Please login or register.
Did you miss your activation email?
December 04, 2016, 09:22:48 21:22


Login with username, password and session length


Pages: [1]
Print
Author Topic: Heads-up: Major Linux BASH Vulnerability  (Read 741 times)
0 Members and 1 Guest are viewing this topic.
Magnox
V.I.P
Active Member
*****
Offline Offline

Posts: 208

Thank You
-Given: 775
-Receive: 238


Oink!


« on: September 26, 2014, 11:22:29 11:22 »

In case anyone has missed this, a major exploit in BASH has been discovered and made public a couple of days ago. It effects OpenSSH too. I've only just seen the news (removes head from sand...)

Just google it for info.

Anyone on Linux kit, do the necessary!
Logged
George
Junior Member
**
Offline Offline

Posts: 37

Thank You
-Given: 20
-Receive: 34


« Reply #1 on: September 28, 2014, 12:48:53 00:48 »

Any idea if this means that Linux based routers are vulnerable to remote attacks?
Logged
Magnox
V.I.P
Active Member
*****
Offline Offline

Posts: 208

Thank You
-Given: 775
-Receive: 238


Oink!


« Reply #2 on: September 28, 2014, 02:45:59 14:45 »

Possibly yes, according to Symantec:

"Aside from Web servers, other vulnerable devices include Linux-based routers that have a Web interface that uses CGI. In the same manner as an attack against a Web server, it may be possible to use CGI to exploit the vulnerability and send a malicious command to the router."
Logged
Cain
Junior Member
**
Offline Offline

Posts: 90

Thank You
-Given: 102
-Receive: 106


« Reply #3 on: September 28, 2014, 03:17:48 15:17 »

Any "easy" way to test to see if a router is vulnerable?
Logged
SB7
V.I.P
Active Member
*****
Offline Offline

Posts: 199

Thank You
-Given: 102
-Receive: 505


Cry Havoc and let slip the dogs of war


« Reply #4 on: September 28, 2014, 04:09:52 16:09 »

Most routers ( consumer ) use Busybox which uses "ASH" not bash and thus are not unacceptable to Shellshock.  ( It does appear that linksys , cisco may be running bash)
Secondly, this is only a problem if you allow external web based config of your router.  Typically that is turned off to only allow the web page config to be used from within the network
Of course you could be running telnet or SSH without a password .... that would be unwise. But then that's always been unwise.
To see if bash is even installed you could ssh into your router and try to execute "bash"  I doubt it's even installed.

« Last Edit: September 28, 2014, 04:58:58 16:58 by SB7 » Logged
Cain
Junior Member
**
Offline Offline

Posts: 90

Thank You
-Given: 102
-Receive: 106


« Reply #5 on: September 28, 2014, 05:08:19 17:08 »

Thanks for clarifying SB7. I do have the remote admin on since I need it and will check via Telnet/SSH. One thing that I did now was to only allow the specific IP-range from my work.

Logged
SB7
V.I.P
Active Member
*****
Offline Offline

Posts: 199

Thank You
-Given: 102
-Receive: 505


Cry Havoc and let slip the dogs of war


« Reply #6 on: September 28, 2014, 05:10:04 17:10 »

You could try an external test to "probe you from the outside" :-)

h_ttp://shellshock.brandonpotter.com/

Enter your external IP and see if what you are presenting to internet is vulnerable
Logged
Cain
Junior Member
**
Offline Offline

Posts: 90

Thank You
-Given: 102
-Receive: 106


« Reply #7 on: September 28, 2014, 06:33:45 18:33 »

I'm safe Smiley... Here are two more...

h_ttp://www.shellshocktest.com

h_ttp://bashsmash.ccsir.org

Checked www.sonsivri.to as well and that server running it looks safe as well.
« Last Edit: September 28, 2014, 06:50:32 18:50 by Cain » Logged
Pages: [1]
Print
Jump to:  


DISCLAIMER
WE DONT HOST ANY ILLEGAL FILES ON THE SERVER
USE CONTACT US TO REPORT ILLEGAL FILES
ADMINISTRATORS CANNOT BE HELD RESPONSIBLE FOR USERS POSTS AND LINKS

... Copyright 2003-2999 Sonsivri.to ...
Powered by SMF 1.1.18 | SMF © 2006-2009, Simple Machines LLC | HarzeM Dilber MC