| Forum Home | ||||
| PC World Chat | ||||
| Thread ID: 138032 | 2014-09-26 11:51:00 | Linux Servers at risk | wainuitech (129) | PC World Chat |
| Post ID | Timestamp | Content | User | ||
| 1384815 | 2014-09-26 11:51:00 | Looks like admins world wide could be busy, depending how they are setup -- www.itnews.com.au Guess it makes a change from Windows Based computers/ Servers. | wainuitech (129) | ||
| 1384816 | 2014-09-26 23:19:00 | Yeah, the difference being that it was fixed as soon as it was found and the patches uploaded to the repo's already. All my servers were fixed in the morning update yesterday (thanks Debian security team! :D ) Actually first fix was Thursday, but a further vuln required a second patch. |
fred_fish (15241) | ||
| 1384817 | 2014-09-27 21:56:00 | I used this; env x='() { :;}; echo vulnerable' bash -c 'echo hello' picked it up from here; www.theguardian.com and it indicated that a couple of my servers were vulnerable (Debian7). Apt-get update upgrade seemed to fix it. So here's hoping? My deb6 server was funny, as the line of code indicated it was fine, and I wonder whether that was due to me using this tutorial? A few months ago and consequently fixing it when I updated. www.howtoforge.com |
jcr1 (893) | ||
| 1384818 | 2014-09-28 08:52:00 | Yeah, the difference being that it was fixed as soon as it was found and the patches uploaded to the repo's already. Except there was about a two week gap between it being found, and it being widely announced & patched. And as you've pointed out, the first patch didn't even fix it properly ;) |
inphinity (7274) | ||
| 1384819 | 2014-09-28 09:57:00 | @jcr1 Yes, the squeeze-lts is covered too. Except there was about a two week gap between it being found, and it being widely announced & patched. And as you've pointed out, the first patch didn't even fix it properly ;) Indeed. Showing quite a few scans in the server logs. Seems unpatched Cpanel implementations are prime targets. |
fred_fish (15241) | ||
| 1 | |||||