[beagleboard] Re: BeagleBoard bash flaw
Mark Young mymounta...@gmail.com wrote:
> The bash flaw is there, does anyone have information on a fix yet?
> http://securitywatch.pcmag.com/internet/327769-serious-bash-flaw-lets-attackers-hijack-linux-and-mac-computers

As already noted the fix is already in the repositories.

However the vulnerability is only a risk to a BBB which has some sort of access open to the internet. If your BBB is on a LAN behind a NAT router and you don't have any ports open and redirected to the BBB then your BBB isn't at risk even if not patched yet.

--
Chris Green

--
For more options, visit http://beagleboard.org/discuss
---
You received this message because you are subscribed to the Google Groups BeagleBoard group.
To unsubscribe from this group and stop receiving emails from it, send an email to beagleboard+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Re: [beagleboard] Re: BeagleBoard bash flaw
On 09/27/2014 05:35 AM, c...@isbd.net wrote:
> If your BBB is on a LAN behind a NAT router and you don't have any ports open and redirected to the BBB then your BBB isn't at risk even if not patched yet.

Unless the router dhcp daemon gets compromised:
https://www.trustedsec.com/september-2014/shellshock-dhcp-rce-proof-concept/
[beagleboard] Re: BeagleBoard bash flaw
Nuno Sucena Almeida n...@aeminium.org wrote:
> On 09/27/2014 05:35 AM, c...@isbd.net wrote:
>> If your BBB is on a LAN behind a NAT router and you don't have any ports open and redirected to the BBB then your BBB isn't at risk even if not patched yet.
>
> Unless the router dhcp daemon gets compromised:
> https://www.trustedsec.com/september-2014/shellshock-dhcp-rce-proof-concept/

... and it runs bash, which is unlikely. Anyway, why is the router's DHCP going to talk to the outside?

--
Chris Green
Re: [beagleboard] Re: BeagleBoard bash flaw
My company has it setup.

Mark

On Sat, Sep 27, 2014 at 10:32 AM, c...@isbd.net wrote:
> Nuno Sucena Almeida n...@aeminium.org wrote:
>> On 09/27/2014 05:35 AM, c...@isbd.net wrote:
>>> If your BBB is on a LAN behind a NAT router and you don't have any ports open and redirected to the BBB then your BBB isn't at risk even if not patched yet.
>>
>> Unless the router dhcp daemon gets compromised:
>> https://www.trustedsec.com/september-2014/shellshock-dhcp-rce-proof-concept/
>
> ... and it runs bash, which is unlikely. Anyway, why is the router's DHCP going to talk to the outside?
>
> --
> Chris Green

--
Mr Mark F. Young
480-789-3387
http://www.linkedin.com/in/mfyoung

We cannot solve our problems with the same thinking we used when we created them -Einstein
The Empires of the Future will be the Empires of the mind – Winston Churchill
Re: [beagleboard] Re: BeagleBoard bash flaw
apt-get update
apt-get upgrade

problem solved.

On Sat, Sep 27, 2014 at 7:59 AM, Mark mymounta...@gmail.com wrote:
> My company has it setup.
>
> Mark
>
> On Sat, Sep 27, 2014 at 10:32 AM, c...@isbd.net wrote:
>> Nuno Sucena Almeida n...@aeminium.org wrote:
>>> On 09/27/2014 05:35 AM, c...@isbd.net wrote:
>>>> If your BBB is on a LAN behind a NAT router and you don't have any ports open and redirected to the BBB then your BBB isn't at risk even if not patched yet.
>>>
>>> Unless the router dhcp daemon gets compromised:
>>> https://www.trustedsec.com/september-2014/shellshock-dhcp-rce-proof-concept/
>>
>> ... and it runs bash, which is unlikely. Anyway, why is the router's DHCP going to talk to the outside?
>>
>> --
>> Chris Green
Re: [beagleboard] Re: BeagleBoard bash flaw
Doesn't BeagleBoard use busybox bash which doesn't even have the flaw?

On Sat, Sep 27, 2014 at 7:59 AM, Mark mymounta...@gmail.com wrote:
> My company has it setup.
>
> Mark
>
> On Sat, Sep 27, 2014 at 10:32 AM, c...@isbd.net wrote:
>> Nuno Sucena Almeida n...@aeminium.org wrote:
>>> On 09/27/2014 05:35 AM, c...@isbd.net wrote:
>>>> If your BBB is on a LAN behind a NAT router and you don't have any ports open and redirected to the BBB then your BBB isn't at risk even if not patched yet.
>>>
>>> Unless the router dhcp daemon gets compromised:
>>> https://www.trustedsec.com/september-2014/shellshock-dhcp-rce-proof-concept/
>>
>> ... and it runs bash, which is unlikely. Anyway, why is the router's DHCP going to talk to the outside?
>>
>> --
>> Chris Green
Re: [beagleboard] Re: BeagleBoard bash flaw
On Sep 27, 2014 11:26 AM, Jesse Cobra jesseco...@gmail.com wrote:
> Doesn't BeagleBoard use busybox bash which doesn't even have the flaw?

Starting with the BBB rev c, the factory image is based on Debian. This we use real bash...
Re: [beagleboard] Re: BeagleBoard bash flaw
Not to step on Robert's toes or anything but technically Debian comes with dash configured. Whether or not there is something done after the fact I do not know. As I have pretty much been using my own custom rootfs based on Robert's build instructions since last year. Also I am not sure if what affects bash affects dash too but . . .

However all it takes is one command *dpkg-reconfigure dash* - select no and all bets are off.

On Sat, Sep 27, 2014 at 11:17 AM, Robert Nelson robertcnel...@gmail.com wrote:
> On Sep 27, 2014 11:26 AM, Jesse Cobra jesseco...@gmail.com wrote:
>> Doesn't BeagleBoard use busybox bash which doesn't even have the flaw?
>
> Starting with the BBB rev c, the factory image is based on Debian. This we use real bash...
Re: [beagleboard] Re: BeagleBoard bash flaw
On Sat, Sep 27, 2014 at 8:20 PM, William Hermans yyrk...@gmail.com wrote:
> Not to step on Robert's toes or anything but technically Debian comes with dash configured. Whether or not there is something done after the fact I do not know. As I have pretty much been using my own custom rootfs based on Robert's build instructions since last year. Also I am not sure if what affects bash affects dash too but . . .
>
> However all it takes is one command dpkg-reconfigure dash - select no and all bets are off.

In Debian, bash is still considered essential, therefore it's always installed. By default dash takes over /bin/sh

There's a todo here:
https://wiki.debian.org/Proposals/RemoveBashFromEssential

Regards,

--
Robert Nelson
http://www.rcn-ee.com/
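
The point made in the last two messages, that dash normally backs /bin/sh on Debian while bash stays installed, can be checked on a board with a short audit. This is an added example, not part of the thread; the function names, the ROOT argument and the default scan directory /etc/init.d are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. ROOT arguments and the default scan
# directory are assumptions so the functions can run on a constructed tree.

# sh_provider ROOT: print the name of the binary that ROOT/bin/sh resolves to.
sh_provider() {
    target=$(readlink -f "${1:-}/bin/sh") || return 1
    basename "$target"
}

# bash_installed ROOT: succeed if a bash executable exists under ROOT.
bash_installed() {
    [ -x "${1:-}/bin/bash" ] || [ -x "${1:-}/usr/bin/bash" ]
}

# shell_exposure ROOT: summarise how bash is reachable on this root.
shell_exposure() {
    provider=$(sh_provider "${1:-}") || { echo unknown; return 0; }
    if [ "$provider" = bash ]; then
        echo sh-is-bash              # every #!/bin/sh script runs bash
    elif bash_installed "${1:-}"; then
        echo bash-installed-not-sh   # only explicit bash users run bash
    else
        echo no-bash
    fi
}

# bash_scripts DIR: list files under DIR whose shebang line names bash.
bash_scripts() {
    find "$1" -type f 2>/dev/null | sort | while IFS= read -r f; do
        first=$(head -n 1 "$f" 2>/dev/null | tr -d '\0')
        case $first in
            '#!'*bash*) printf '%s\n' "$f" ;;
        esac
    done
}

# Report for the running system (empty ROOT means "/").
echo "/bin/sh provider: $(sh_provider '' || echo unknown)"
echo "exposure: $(shell_exposure '')"
bash_scripts "${1:-/etc/init.d}"
```

Files listed by `bash_scripts` run bash whatever /bin/sh points to, so they are the ones that matter until the bash package is upgraded.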