Shellshock (Bash Computer Bug) Exploited – Responding from Venders

Heartbleed Extension Vulnerability caused lots of worries for Internet system. The affects still do not go away and now Shellshock coming.  This latest vulnerability affects the command line software Bash operating at Linux , Unix and Mac OS X.

Vendors have been posting the patches and suggestions on their websites already. Here is some quick collections for my environment.

1. Checkpoint’s Responding:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673

2. Cisco’s Responding: 

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash

3. Juniper’s Responding:

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648&actp=RSS

4. Vmware:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2090740

Note: How it happened? (from Symantec)

An attacker can potentially use CGI to send a malformed environment variable to a vulnerable Web server. Because the server uses Bash to interpret the variable, it will also run any malicious command tacked-on to it.

Share this:

• Click to share on Twitter (Opens in new window)
• Click to share on Facebook (Opens in new window)
• More

• Click to print (Opens in new window)
• Click to share on LinkedIn (Opens in new window)
• Click to share on Reddit (Opens in new window)
• Click to share on Tumblr (Opens in new window)
• Click to share on Pinterest (Opens in new window)
• Click to share on Pocket (Opens in new window)
• Click to share on Telegram (Opens in new window)
• Click to share on WhatsApp (Opens in new window)
• Click to share on Skype (Opens in new window)

Like this:

Like Loading...

Related