Re: [Nolug] Bash Vulnerability

From: Joey Kelly <joey_at_joeykelly.net>
Date: Thu, 25 Sep 2014 17:34:32 -0500
Message-ID: <54249878.5010206@joeykelly.net>

On 09/25/2014 05:07 PM, Michael Walker wrote:
> "On the scale of 1 to 10, this is an 11," [Bruce Schneier, who is not
> related to Nigel Tufnel] said, estimating that half a million websites
> were vulnerable.
> http://www.cnet.com/news/bigger-than-heartbleed-bash-bug-could-leave-it-systems-shellshocked/

TFA:

"The quarter-century-old security flaw allows malicious code execution
within the bash shell (commonly accessed through Command Prompt on PC or
Mac <http://www.cnet.com/tags/macbooks/>'s Terminal application) to take
over an operating system and access confidential information."

DOS ain't bash. Reporter FAIL.

--Joey

>
> Mike
>
> On Thu, Sep 25, 2014 at 4:59 PM, Chris Jones <techmaster@gmail.com
> <mailto:techmaster@gmail.com>> wrote:
>
> Ludicrous speed.
>
> On Sep 25, 2014 4:59 PM, "Joey Kelly" <joey@joeykelly.net
> <mailto:joey@joeykelly.net>> wrote:
>
> On 09/24/2014 06:04 PM, John Souvestre wrote:
>>
>> Hi all.
>>
>> US-CERT scored this a 10.0 on a scale of 1 to 10.
>>
>
> One of these days a vulnerability's severity is going to go
> all the way to 11.
>
> --Joey
>>
>> https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271
>>
>> John
>>
>> John Souvestre - New Orleans LA
>>
>
>
>
>
> --
>
>
> Mike Walker
> 504-383-4701
>

___________________
Nolug mailing list
nolug@nolug.org
Received on 09/25/14

This archive was generated by hypermail 2.2.0 : 10/06/14 CDT