I have not fully confirmed this completely yet, but as OSSEC does not
allow external data into environmental variable so given is not an
issue.
* Chard <[email protected]> [2014-09-26 06:08:20 -0700]:
The security hole means that an attacker could potential take control of
the server. From what I have read it is primarily affecting web servers
and patching is recommend immediately.
But I'm not sure if OSSEC can be affected by this or not, as I don't know
the application in depth?
On Friday, September 26, 2014 1:44:39 PM UTC+1, cgzones wrote:
And OSSEC uses bash to invoke diff for the syscheck option report_changes
(in syscheck as root). I did not investigate right now how severe this is.
On 26 Sep 2014 13:12, "Chard" <[email protected] <javascript:>> wrote:
Hi,
I'm guessing that you have all heard on the news recently about the
security hole in Unix/Linux `Bash`.
http://www.zdnet.com/unixlinux-bash-critical-security-hole-uncovered-7000034021/
I don't think that this is the case, but does OSSEC use Bash shell
commands via web HTTP or a Common-Gateway Interface (CGI)
<http://www.w3.org/CGI>, which could leave it venerable to attacks?
Thanks.
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to [email protected] <javascript:>.
For more options, visit https://groups.google.com/d/optout.
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
--
---
You received this message because you are subscribed to the Google Groups "ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
