I keep reading there are patches for the patches.

From: Shayne Lebrun via Af 
Sent: Saturday, September 27, 2014 7:17 PM
To: af@afmug.com 
Subject: Re: [AFMUG] Bash specially-crafted environment variables code injection attack

On Debian, doing an ‘aptitude update;aptitude upgrade’ will almost never do 
anything ‘wrong,’ and if it thinks it’s going to, it will generally warn you 
about it right then and there, and often give you a few choices on what to do 
about it.

 

On a RHEL/CentOS distribution, ‘yum update’ will sometimes do incredibly stupid 
things.  I once had a ‘yum update’ make the stock Cacti server decide to look 
for the rrds in a different spot.  I’ve had it overwrite, without asking or 
notifying, config files, init.d startup scripts, etc etc.  Once, I had it 
upgrade to a kernel with a known filesystem corruption bug.  Just a day ago, 
doing it for the shellshock fix, it screwed up an snmptt handler by changing 
snmptrapd’s behavior for passing OIDs from numeric to non-numeric, so suddenly 
all of my traps were ‘unknown’ by snmptt.

 

Takeaway: Do the ‘yum upgrade’ but anything odd that happens over the next few 
weeks, that’s why.

 

 

From: Af [mailto:af-bounces+slebrun=muskoka....@afmug.com] On Behalf Of That 
One Guy via Af
Sent: Friday, September 26, 2014 12:22 PM
To: af@afmug.com
Subject: Re: [AFMUG] Bash specially-crafted environment variables code 
injection attack

 

There will be no v9 impact by doing that?

 

On Fri, Sep 26, 2014 at 11:20 AM, Simon Westlake via Af <af@afmug.com> wrote:

Not if you're only running Powercode on the server, but you should still do a 
'yum update' for safety.

On 9/26/2014 11:10 AM, That One Guy via Af wrote:

  Simon, is the Powercode CentOS vulnerable?

   

  Does it matter the ports that are exposed, we have a couple DNS servers
  running but only DNS is opened through the external firewall

   

  Is there a vulnerability scanner available for morons like me?

   

  On Fri, Sep 26, 2014 at 9:50 AM, Matt via Af <af@afmug.com> wrote:

  Redhat has released an updated patch this morning.  yum update again.



  On Thu, Sep 25, 2014 at 12:26 PM, Matt via Af <af@afmug.com> wrote:
  > Bash specially-crafted environment variables code injection attack
  >
  > https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/





   

  -- 

  All parts should go together without forcing. You must remember that the
  parts you are reassembling were disassembled by you. Therefore, if you can't
  get them together again, there must be a reason. By all means, do not use a
  hammer. -- IBM maintenance manual, 1925

 

-- 
Simon Westlake 
Powercode - The smart choice in ISP billing and OSS 
powercode.com 
P: 920-351-1010 
E: si...@powercode.com 





 
