Guessing...

wget http://public-yum.oracle.com/repo/EnterpriseLinux/EL4/latest/i386/getPackage/bash-3.0-27.0.3.el4.i386.rpm
rpmbuild --rebuild bash-3.0-27.0.3.el4.src.rpm
rpm -qa | grep bash
rpm -Uvh /usr/src/redhat/RPMS/i386/bash-3.0-27.0.3.i386.rpm
rpm -qa | grep bash

On Sat, Sep 27, 2014 at 11:26 AM, Ken Hohhof via Af <af@afmug.com> wrote:
> Unfortunately I have a couple old servers running RHEL4 and one old
> BlueQuartz webhosting appliance based on CentOS4. I’m a little reluctant to
> try compiling the patch myself unless I switch to a different shell first,
> if I screw up my command shell it might be difficult to fix.
>
> Any guess if I’d be safe using the RPM cited in this thread:
> http://serverfault.com/questions/631055/how-do-i-patch-rhel-4-for-the-bash-vulnerabilities-in-cve-2014-6271-and-cve-2014
>
> the RPM it points to is:
>
> http://public-yum.oracle.com/repo/EnterpriseLinux/EL4/latest/i386/getPackage/bash-3.0-27.0.2.el4.i386.rpm
>
>
> From: Ty Featherling via Af
> Sent: Saturday, September 27, 2014 10:52 AM
> To: af@afmug.com
> Subject: Re: [AFMUG] Bash specially-crafted environment variables code
> injection attack
>
>
> Yeah probably the NSA! Hahaha!
>
> -Ty
>
> On Sep 26, 2014 10:36 PM, "That One Guy via Af" <af@afmug.com> wrote:
>>
>> Man I bet there's some guy who's been exploiting this for 20 years who is
>> pissed right now
>>
>> On Fri, Sep 26, 2014 at 1:54 PM, Ty Featherling via Af <af@afmug.com>
>> wrote:
>>>
>>> CentOS on some, Ubuntu on others. Already got the answers in this thread
>>> though, thanks.
>>>
>>> -Ty
>>>
>>> On Fri, Sep 26, 2014 at 11:54 AM, Mike Hammett via Af <af@afmug.com>
>>> wrote:
>>>>
>>>> Which distribution?
>>>>
>>>> -----
>>>> Mike Hammett
>>>> Intelligent Computing Solutions
>>>> http://www.ics-il.com
>>>>
>>>> ________________________________
>>>> From: "Ty Featherling via Af" <af@afmug.com>
>>>> To: af@afmug.com
>>>> Sent: Thursday, September 25, 2014 2:42:31 PM
>>>> Subject: Re: [AFMUG] Bash specially-crafted environment variables code
>>>> injection attack
>>>>
>>>> Noob question but how can I easiest update my linux boxes to get the
>>>> latest patches?
>>>>
>>>> -Ty
>>>>
>>>> On Thu, Sep 25, 2014 at 1:59 PM, Josh Reynolds via Af <af@afmug.com>
>>>> wrote:
>>>>>
>>>>> Upgraded our systems at 6am yesterday for this. Also pulled the bash
>>>>> .deb out of debian-stable/security for our ubiquiti edgerouters. (I made
>>>>> a post on the UBNT forum with the CVE info yesterday.)
>>>>>
>>>>> Side note: TONS of things are affected by this...
>>>>>
>>>>> Josh Reynolds, Chief Information Officer
>>>>> SPITwSPOTS, www.spitwspots.com
>>>>>
>>>>> On 09/25/2014 10:25 AM, Peter Kranz via Af wrote:
>>>>>
>>>>> PS.. This vulnerability can be exploited via HTTP/Apache attack
>>>>> vectors, so you need to patch any vulnerable system running Apache.
>>>>>
>>>>> Peter Kranz
>>>>> Founder/CEO - Unwired Ltd
>>>>> www.UnwiredLtd.com
>>>>> Desk: 510-868-1614 x100
>>>>> Mobile: 510-207-0000
>>>>> pkr...@unwiredltd.com
>>>>>
>>>>> -----Original Message-----
>>>>> From: Af [mailto:af-bounces+pkranz=unwiredltd....@afmug.com] On Behalf
>>>>> Of Matt via Af
>>>>> Sent: Thursday, September 25, 2014 10:27 AM
>>>>> To: af@afmug.com
>>>>> Subject: [AFMUG] Bash specially-crafted environment variables code
>>>>> injection attack
>>>>>
>>>>> Bash specially-crafted environment variables code injection attack
>>>>>
>>>>> https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
>>>>>
>>
>> --
>> All parts should go together without forcing. You must remember that the
>> parts you are reassembling were disassembled by you. Therefore, if you can't
>> get them together again, there must be a reason. By all means, do not use a
>> hammer. -- IBM maintenance manual, 1925