Sonsivri
 
*
Welcome, Guest. Please login or register.
Did you miss your activation email?
March 28, 2024, 08:03:42 20:03


Login with username, password and session length


Pages: [1]
Print
Author Topic: Heads-up: Major Linux BASH Vulnerability  (Read 3339 times)
0 Members and 1 Guest are viewing this topic.
Magnox
Active Member
***
Offline Offline

Posts: 249

Thank You
-Given: 976
-Receive: 279


Oink!


« on: September 26, 2014, 10:22:29 10:22 »

In case anyone has missed this, a major exploit in BASH has been discovered and made public a couple of days ago. It effects OpenSSH too. I've only just seen the news (removes head from sand...)

Just google it for info.

Anyone on Linux kit, do the necessary!
Logged
George
Junior Member
**
Offline Offline

Posts: 41

Thank You
-Given: 20
-Receive: 35


« Reply #1 on: September 27, 2014, 11:48:53 23:48 »

Any idea if this means that Linux based routers are vulnerable to remote attacks?
Logged
Magnox
Active Member
***
Offline Offline

Posts: 249

Thank You
-Given: 976
-Receive: 279


Oink!


« Reply #2 on: September 28, 2014, 01:45:59 13:45 »

Possibly yes, according to Symantec:

"Aside from Web servers, other vulnerable devices include Linux-based routers that have a Web interface that uses CGI. In the same manner as an attack against a Web server, it may be possible to use CGI to exploit the vulnerability and send a malicious command to the router."
Logged
Cain
Junior Member
**
Offline Offline

Posts: 81

Thank You
-Given: 165
-Receive: 102


« Reply #3 on: September 28, 2014, 02:17:48 14:17 »

Any "easy" way to test to see if a router is vulnerable?
Logged
SB7
Senior Member
****
Offline Offline

Posts: 344

Thank You
-Given: 286
-Receive: 752


Cry Havoc and let slip the dogs of war


« Reply #4 on: September 28, 2014, 03:09:52 15:09 »

Most routers ( consumer ) use Busybox which uses "ASH" not bash and thus are not unacceptable to Shellshock.  ( It does appear that linksys , cisco may be running bash)
Secondly, this is only a problem if you allow external web based config of your router.  Typically that is turned off to only allow the web page config to be used from within the network
Of course you could be running telnet or SSH without a password .... that would be unwise. But then that's always been unwise.
To see if bash is even installed you could ssh into your router and try to execute "bash"  I doubt it's even installed.

« Last Edit: September 28, 2014, 03:58:58 15:58 by SB7 » Logged
Cain
Junior Member
**
Offline Offline

Posts: 81

Thank You
-Given: 165
-Receive: 102


« Reply #5 on: September 28, 2014, 04:08:19 16:08 »

Thanks for clarifying SB7. I do have the remote admin on since I need it and will check via Telnet/SSH. One thing that I did now was to only allow the specific IP-range from my work.

Logged
SB7
Senior Member
****
Offline Offline

Posts: 344

Thank You
-Given: 286
-Receive: 752


Cry Havoc and let slip the dogs of war


« Reply #6 on: September 28, 2014, 04:10:04 16:10 »

You could try an external test to "probe you from the outside" :-)

h_ttp://shellshock.brandonpotter.com/

Enter your external IP and see if what you are presenting to internet is vulnerable
Logged
Cain
Junior Member
**
Offline Offline

Posts: 81

Thank You
-Given: 165
-Receive: 102


« Reply #7 on: September 28, 2014, 05:33:45 17:33 »

I'm safe Smiley... Here are two more...

h_ttp://www.shellshocktest.com

h_ttp://bashsmash.ccsir.org

Checked www.sonsivri.to as well and that server running it looks safe as well.
« Last Edit: September 28, 2014, 05:50:32 17:50 by Cain » Logged
Pages: [1]
Print
Jump to:  


DISCLAIMER
WE DONT HOST ANY ILLEGAL FILES ON THE SERVER
USE CONTACT US TO REPORT ILLEGAL FILES
ADMINISTRATORS CANNOT BE HELD RESPONSIBLE FOR USERS POSTS AND LINKS

... Copyright © 2003-2999 Sonsivri.to ...
Powered by SMF 1.1.18 | SMF © 2006-2009, Simple Machines LLC | HarzeM Dilber MC