Our webserver was vulnerable. Tried to fix it without backing it up first....yeah, I know. Lost it all. So I guess I will be building a new website from my 2013 backup this weekend. It's a good thing I carpet bombed my website to prevent anyone from messing with it!
On Sat, Sep 27, 2014 at 10:25 AM, Ken Hohhof via Af <af@afmug.com> wrote: > Unfortunately I have a couple old servers running RHEL4 and one old > BlueQuartz webhosting appliance based on CentOS4. I’m a little reluctant > to try compiling the patch myself unless I switch to a difference shell > first, if I screw up my command shell it might be difficult to fix. > > Any guess if I’d be safe using the RPM cited in this thread: > > http://serverfault.com/questions/631055/how-do-i-patch-rhel-4-for-the-bash-vulnerabilities-in-cve-2014-6271-and-cve-2014 > > the RPM it points to is: > > > http://public-yum.oracle.com/repo/EnterpriseLinux/EL4/latest/i386/getPackage/bash-3.0-27.0.2.el4.i386.rpm > > > *From:* Ty Featherling via Af <af@afmug.com> > *Sent:* Saturday, September 27, 2014 10:52 AM > *To:* af@afmug.com > *Subject:* Re: [AFMUG] Bash specially-crafted environment variables code > injection attack > > > Yeah probably the NSA! Hahaha! > > -Ty > On Sep 26, 2014 10:36 PM, "That One Guy via Af" <af@afmug.com> wrote: > >> Man I bet theres some guy whose been exploiting this for 20 years who is >> pissed right now >> >> On Fri, Sep 26, 2014 at 1:54 PM, Ty Featherling via Af <af@afmug.com> >> wrote: >> >>> CentOS on some, Ubuntu on others. Already got the answers in this thread >>> though, thanks. >>> >>> -Ty >>> >>> On Fri, Sep 26, 2014 at 11:54 AM, Mike Hammett via Af <af@afmug.com> >>> wrote: >>> >>>> Which distribution? >>>> >>>> >>>> >>>> ----- >>>> Mike Hammett >>>> Intelligent Computing Solutions >>>> http://www.ics-il.com >>>> >>>> ------------------------------ >>>> *From: *"Ty Featherling via Af" <af@afmug.com> >>>> *To: *af@afmug.com >>>> *Sent: *Thursday, September 25, 2014 2:42:31 PM >>>> *Subject: *Re: [AFMUG] Bash specially-crafted environment variables >>>> code injection attack >>>> >>>> Noob question but how can I easiest update my linux boxes to get the >>>> latest patches? >>>> >>>> -Ty >>>> >>>> On Thu, Sep 25, 2014 at 1:59 PM, Josh Reynolds via Af <af@afmug.com> >>>> wrote: >>>> >>>>> Upgraded our systems at 6am yesterday for this. Also pulled the bash >>>>> .deb out of debian-stable/security for our ubiquiti edgerouters. (I >>>>> made on a post on the UBNT forum with the CVE info yesterday.) >>>>> >>>>> Side note: TONS of things are affected by this... >>>>> >>>>> Josh Reynolds, Chief Information Officer >>>>> SPITwSPOTS, www.spitwspots.com >>>>> On 09/25/2014 10:25 AM, Peter Kranz via Af wrote: >>>>> >>>>> PS.. This vulnerability can be exploited via HTTP/Apache attack vectors, >>>>> so you need to patch any vulnerable system running Apache. >>>>> >>>>> Peter Kranz >>>>> Founder/CEO - Unwired Ltdwww.UnwiredLtd.com >>>>> Desk: 510-868-1614 x100 >>>>> Mobile: 510-207-0000pkr...@unwiredltd.com >>>>> >>>>> -----Original Message----- >>>>> From: Af [mailto:af-bounces+pkranz=unwiredltd....@afmug.com >>>>> <af-bounces+pkranz=unwiredltd....@afmug.com>] On Behalf Of Matt via Af >>>>> Sent: Thursday, September 25, 2014 10:27 AM >>>>> To: af@afmug.com >>>>> Subject: [AFMUG] Bash specially-crafted environment variables code >>>>> injection attack >>>>> >>>>> Bash specially-crafted environment variables code injection attack >>>>> https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/ >>>>> >>>>> >>>>> >>>> >>>> >>> >>> >> >> >> >> -- >> All parts should go together without forcing. You must remember that the >> parts you are reassembling were disassembled by you. Therefore, if you >> can't get them together again, there must be a reason. By all means, do not >> use a hammer. -- IBM maintenance manual, 1925 >> >