Author [EN] [ZH] [ES] [PT] [IT] [DE] [FR] [NL] [TR] [SR] [AR] [RU] [EN] [ZH] [ES] [PT] [IT] [DE] [FR] [NL] [TR] [SR] [AR] [RU] [EN] [ZH] [ES] [PT] [IT] [DE] [FR] [NL] [TR] [SR] [AR] [RU] Topic: Linux delegates - update bash to evade shellshock vulnerability!  (Read 443 times)

0 Members and 1 Guest are viewing this topic.

Offline cryptillionaire

  • Full Member
  • ***
  • Posts: 155
    • View Profile
Linux delegates - update bash to evade shellshock vulnerability!
« on: September 25, 2014, 06:06:40 PM »

http://arstechnica.com/security/2014/09/concern-over-bash-vulnerability-grows-as-exploit-reported-in-the-wild/
Aparantley this has a huge impact on linux/unix/osx servers with bash installed; if you've got it installed, please update it and keep ontop of this news!

Offline liondani

Re: Linux delegates - update bash to evade shellshock vulnerability!
« Reply #1 on: September 25, 2014, 07:52:00 PM »
updated before 1-2 days bash....
Now I realize how important it is to update in  daily base!
  https://bitshares.OPENLEDGER.info/?r=GREECE  | You are in Control | BUY | SELL | SHORT | SWAP | LOAN | TRADE |  

Offline toast

Re: Linux delegates - update bash to evade shellshock vulnerability!
« Reply #2 on: September 25, 2014, 09:10:02 PM »
I think there's not a patch that completely fixes it out yet
Do not use this post as information for making any important decisions. The only agreements I ever make are informal and non-binding. Take the same precautions as when dealing with a compromised account, scammer, sockpuppet, etc.

Offline maqifrnswa

  • Hero Member
  • *****
  • Posts: 661
    • View Profile
Re: Linux delegates - update bash to evade shellshock vulnerability!
« Reply #3 on: September 25, 2014, 09:40:19 PM »
I think this does it:
http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-025

I think most distros already pushed fixes, maybe they just haven't propagated yet
maintains an Ubuntu PPA: https://launchpad.net/~showard314/+archive/ubuntu/bitshares [15% delegate] wallet_account_set_approval maqifrnswa true [50% delegate] wallet_account_set_approval delegate1.maqifrnswa true

Offline cube

  • Hero Member
  • *****
  • Posts: 1404
  • Bit by bit, we will get there!
    • View Profile
  • BTS: bitcube
  • Witness: bitcube
Re: Linux delegates - update bash to evade shellshock vulnerability!
« Reply #4 on: September 26, 2014, 02:37:16 AM »
http://arstechnica.com/security/2014/09/concern-over-bash-vulnerability-grows-as-exploit-reported-in-the-wild/
Aparantley this has a huge impact on linux/unix/osx servers with bash installed; if you've got it installed, please update it and keep ontop of this news!

Updated to patched bash.

I do not see it as much of a threat. The exploit only works if a delegate is using shared hosting or running services such as Web server which has bash escape.  I doubt any delegate would do that.
ID: bitcube
bitcube is a dedicated witness and committe member. Please vote for bitcube.

Offline cryptillionaire

  • Full Member
  • ***
  • Posts: 155
    • View Profile
Re: Linux delegates - update bash to evade shellshock vulnerability!
« Reply #5 on: September 26, 2014, 08:19:34 AM »
http://arstechnica.com/security/2014/09/concern-over-bash-vulnerability-grows-as-exploit-reported-in-the-wild/
Aparantley this has a huge impact on linux/unix/osx servers with bash installed; if you've got it installed, please update it and keep ontop of this news!

Updated to patched bash.

I do not see it as much of a threat. The exploit only works if a delegate is using shared hosting or running services such as Web server which has bash escape.  I doubt any delegate would do that.
Shared hosting like 2 cores out of 16 on a cloud provider? Cause I see that as quite a likely scenario.
Either way, best to be safe and patch it ;D

Offline CoinHoarder

  • Hero Member
  • *****
  • Posts: 628
  • In Cryptocoins I Trust
    • View Profile
Re: Linux delegates - update bash to evade shellshock vulnerability!
« Reply #6 on: September 26, 2014, 09:16:50 PM »
Just in case anyone would find this useful.. it is a guide on how to tell if you are vulnerable and how to fix it.

https://www.digitalocean.com/community/tutorials/how-to-protect-your-server-against-the-shellshock-bash-vulnerability

Offline coolspeed

  • Hero Member
  • *****
  • Posts: 536
    • View Profile
    • My Blog
Re: Linux delegates - update bash to evade shellshock vulnerability!
« Reply #7 on: September 28, 2014, 07:57:37 AM »
Fixed. Thanks for warning.
Please vote for  delegate.coolspeed    dac.coolspeed
BTS account: coolspeed
Sina Weibo:@coolspeed

Offline coolspeed

  • Hero Member
  • *****
  • Posts: 536
    • View Profile
    • My Blog
Re: Linux delegates - update bash to evade shellshock vulnerability!
« Reply #8 on: September 28, 2014, 07:59:27 AM »
Just in case anyone would find this useful.. it is a guide on how to tell if you are vulnerable and how to fix it.

https://www.digitalocean.com/community/tutorials/how-to-protect-your-server-against-the-shellshock-bash-vulnerability

It helped me. Thank you for your link.
Please vote for  delegate.coolspeed    dac.coolspeed
BTS account: coolspeed
Sina Weibo:@coolspeed

Offline cryptillionaire

  • Full Member
  • ***
  • Posts: 155
    • View Profile
Re: Linux delegates - update bash to evade shellshock vulnerability!
« Reply #9 on: October 01, 2014, 08:45:16 PM »
Excellent response guys, if anyone hasn't looked into patching this, please do.
It might not have a massive impact on bitshare dacs, but it's better safe than sorry.

 

Google+