Quick info for people who don't know what Shellshock is.
Due to a bug in bash it is possible to run shell commands as root through environmental variables (env). Now realise that software like dhclient uses env, and CGI like PHP etc. uses env to store the host header and GET/POST variables.
So in a nutshell, if someone sends the right request to your website and gets it pushed into env, they can run root commands on your Linux/Mac/BSD/Cygwin (Windows) server, making it do all kinds of nasty stuff.
Or you join an open free wifi hotspot which is running a hacked dhcpd, which then pushes commands through DHCP options to your computer, causing it to run root commands because dhclient pushes them into env, making your computer download a rootkit and install a trojan, turning your computer into a zombie in a botnet. And all without you seeing it happen.
Debian released an update for bash today; please run "apt-get update && apt-get upgrade" on your Debian systems.
Other distros will probably be pushing out updates as well (but I am a Debian junky).
73s Robbie ON4SAX
On Fri, Sep 26, 2014 at 10:26 PM, sp2lob sp2lob@tlen.pl wrote:
Greetings to everybody.
Remember Heartbleed? Now there's something new:
http://www.wired.com/2014/09/hackers-already-using-shellshock-bug-create-botnets-ddos-attacks/
Noticed several times in log files of my server!
Best regards. Tom - sp2lob
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net
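Added example, not part of either message: a small Python scan of web server access logs for the kind of probe Tom reports seeing. It assumes the Apache/nginx combined log format and relies on the publicly documented Shellshock marker (a request field containing a bash function definition, `() {`); the `scan` helper, the log lines and the addresses are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Publicly documented Shellshock marker: the start of a bash function
# definition, "() {", which is unusual in ordinary request fields.
FUNC_DEF = re.compile(r"\(\)\s*\{")

# Combined log format (assumption); quoted fields may hold escaped quotes.
Q = r'"((?:[^"\\]|\\.)*)"'
COMBINED = re.compile(
    r'(\S+) \S+ \S+ \[[^\]]+\] ' + Q + r' \d{3} \S+ ' + Q + ' ' + Q)
FIELDS = ("request", "referer", "user-agent")


def scan(lines):
    """Return (line_no, client_ip, field) for each field carrying the marker."""
    hits = []
    for no, line in enumerate(lines, 1):
        m = COMBINED.match(line)
        if m is None:
            # Truncated or odd line: fall back to checking the raw text.
            if FUNC_DEF.search(unquote(line)):
                hits.append((no, None, "raw"))
            continue
        ip, *values = m.groups()
        for field, value in zip(FIELDS, values):
            # unquote() also exposes percent-encoded attempts.
            if FUNC_DEF.search(unquote(value)):
                hits.append((no, ip, field))
    return hits


# Constructed sample log: documentation address ranges, harmless payloads.
SAMPLE = [
    '192.0.2.10 - - [26/Sep/2014:20:01:12 +0200] "GET /index.html HTTP/1.1" '
    '200 1043 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '198.51.100.7 - - [26/Sep/2014:20:03:40 +0200] "GET /cgi-bin/status '
    'HTTP/1.0" 200 312 "-" "() { :; }; echo constructed-probe"',
    '203.0.113.25 - - [26/Sep/2014:20:05:02 +0200] "GET /cgi-bin/test.cgi '
    'HTTP/1.1" 404 209 "() { x; }; echo constructed-probe" "-"',
    '192.0.2.77 - - [26/Sep/2014:20:07:15 +0200] '
    '"GET /cgi-bin/a?x=%28%29%20%7B%20%3A%3B%7D%3B HTTP/1.1" 200 17 "-" "-"',
    '198.51.100.7 - - [26/Sep/2014:20:09:02 +0200] "GET /cgi-bin/status '
    'HTTP/1.0" 200 - "-" "() { :; }; echo constr',  # truncated line
]

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print(hit)
```

A hit shows that a probe was received, not that it succeeded; whether it could have had any effect depends on whether the request reached a bash-backed CGI on an unpatched host.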