Bourne Again Shell Vulnerability on Linux and Mac OS X

Senior Advisor

Bourne Again Shell Vulnerability on Linux and Mac OS X

Hi

 

Please take note of the security issues and install a security patches on Any All of your Linux Distros.

 

Will be posting of any new OS X security updates... at the moment please do check the Apple Security Update webpage often. That's is my recommendations.

 

support.apple.com/kb/ht1222

 

 

 

------------------------------------------------------------------------------------------------------------------------

 

https://www.us-cert.gov/ncas/current-activity/2014/09/24/Bourne-Again-Shell-Bash-Remote-Code-Executi...

 

US-CERT is aware of a Bash vulnerability affecting Unix-based operating systems such as Linux and Mac OS X. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code on an affected system.

The flaw was originally assigned CVE-2014-6271, but it was later discovered that the patch had an issue in the parser and did not fully address the problem. MITRE later assigned CVE-2014-7169 to cover the remaining problems after the application of the first patch.

US-CERT recommends users and administrators review TA14-268A, Vulnerability Note VU#252743 and the Redhat Security Blog (link is external) for additional details and to refer to their respective Linux or Unix-based OS vendor(s) for an appropriate patch. A GNU Bash patch is also available for experienced users and administrators to implement.

Operating systems with updates include:

    CentOS
    Debian
    Redhat (link is external)
    Ubuntu (link is external)

http://lists.centos.org/pipermail/centos/2014-September/146099.html

 

https://www.debian.org/security/2014/dsa-3032

 

https://access.redhat.com/site/solutions/1207723

 

http://www.ubuntu.com/usn/usn-2362-1/

5 REPLIES 5
F-Secure Product Expert
F-Secure Product Expert

Re: Bourne Again Shell Vulnerability on Linux and Mac OS X

Please also refer to the following page for information.

http://www.f-secure.com/v-descs/backdoor_linux_shellshock.shtml



Best Regards

-Ben

_________________________________

Has somebody helped you? Say thanks by giving likes. Has your issue been solved? Mark the post using "Accept As Solution" button to let others know.
Senior Advisor

Re: Bourne Again Shell Vulnerability on Linux and Mac OS X

Okay as promise,

 

I posted the Bash fix for Mac OS X!

 

 

Mac OS X Maverick 10.9 bash fix....

 

http://support.apple.com/kb/DL1769

 

 

 

Mac OS X Mountain Lion 10.8 bash fix

 

http://support.apple.com/kb/DL1768

 

 

Mac OS X Lion 10.7 bash fix

 

http://support.apple.com/kb/DL1767

 

 

 

Do check this site often for Apple Security Updates

 

http://support.apple.com/en_US/downloads/#macos

 

 

Senior Advisor

Re: Bourne Again Shell Vulnerability on Linux and Mac OS X

Senior Advisor

Re: @Ben Bourne Again Shell Vulnerability on Linux and Mac OS X

Thanks Ben and a kudos for you!

 

 

F-Secure Product Expert
F-Secure Product Expert

Re: @Ben Bourne Again Shell Vulnerability on Linux and Mac OS X

Thanks but Kudos should go to our lab guys on that one.

 

You can also check the security advisory fsc-2014-7 published on ShellShock.



Best Regards

-Ben

_________________________________

Has somebody helped you? Say thanks by giving likes. Has your issue been solved? Mark the post using "Accept As Solution" button to let others know.