95% of home routers are not secure from 10 different issues that will not get fixed. I recommend shutting down completely when you are not using your computers.
95% of home routers are not secure from 10 different issues that will not get fixed. I recommend shutting down completely when you are not using your computers.
I am in charge of an archive server that doesn't have bash, but it does have sh as the default shell. It runs some proprietary Linux version (actually, I think it might be Ubuntu-based from what I can tell), but it doesn't have apt-get or even any compilers on it. Running the test with "bash" replaced by "sh" reports that it is vulnerable. Does anyone know if there's a patch for sh? Even if there is, I don't know how I would install it since I can't compile anything on it ... I will probably have to get in touch with the vendor.
Sorry if this is a noob question.
upgraded today to 12.04 LTS
I followed the 1st post and believe I was successful. Thank you oldrocker99 for this.Code:env x='() { :;}; echo vulnerable' bash -c "echo this is a test" vulnerable
When I run the 1st test I think what is returned is correct
When I run the 2nd test I'm thinking this not correct?Code:env x='() { :;}; echo vulnerable' /bin/bash.old -c echo vulnerable
Any guidance would be greatly appreciated.Code:env x='() { :;}; echo vulnerable' bash -c echo env: bash: No such file or directory
Thank You
TL
Last edited by translux; September 25th, 2014 at 10:42 PM.
So, in effect, any embedded platform that has busybox would be affected as well?
-------------------------------------
Oooh Shiny: PopularPages
Unumquodque potest reparantur. Patientia sit virtus.
Negative Busybox is OK
From the article linked above.
Iternet of Things (IoT) and embedded devices such as routers may be vulnerable if they’re running BASH. However, many newer devices run a set of tools called BusyBox which offers an alternative to BASH. Devices running BusyBox are not vulnerable to the Bash Bug.
Ubuntu 12.04.5... cleanly re-installed a month ago and updated recently.
Go to Update Manager and get the new bash.
Easy.
Last edited by rob-rushworth; September 26th, 2014 at 04:28 AM.
we are just talking that it is not so easy since it doesn't solve the problem. it is only partial solution, but at least there is. anyway i am hoping we will have this patched by sunday
Read the easy to understand, lots of pics Ubuntu manual.
Do i need antivirus/firewall in linux?
Full disk backup (newer kernel -> suitable for newer PC): Clonezilla
User friendly full disk backup: Rescuezilla
Bookmarks