Shellshock / bash vulnerability

By -
There's been a lot written about this already so not going to say too much more but posting so I can keep a collection of links together and point people to it. It does warrant you changing your schedule and go patch things quickly.

The original vulnerability can be found at CVE-2014-6271.

Unfortunately the vulnerability and fix wasn't complete so if you patched you may need to go and patch again. Details of this updated vulnerability can be found at CVE-2014-7169

Here is Ubuntu Linux advisory. You need to be on bash 4.3-7ubuntu1.3 or higher

Here is Amazon Linux advisory. You need to be on bash 4.1.2-15.21 or higher

Here is Red Hat advisory. The version you need depends on your version of RHEL. See more details here.

The link for AWS for what needs doing is here.

Some good discussion on the issue is at lwn.net

Comments

Post a Comment

Popular posts from this blog

Getting Apple USB Ethernet adapter working with Windows 8.1 (or Windows 10)

By -
At work I'm now alternating between Windows 8.1 on a Dell and an Apple Macbook Air. As part of this I just want to switch one USB cable between machines when I switch, that is connected to a USB hub. One of the things I've attached to my USB hub is a USB to Ethernet converter. The one I had was a no-name brand one which didn't work by default on Apple. Rather than trying to get it working on Apple (and being unstable from past experience) I just plugged in an Apple USB to Ethernet converter (part A1277). Worked fine on the Mac, no joy on the Dell. Having a poke around the Dell could see what the hardware was fine, just couldn't find drivers. Now if you Google around you'll quickly see that it is an Asix chipset and people tell you to download their drivers and update drivers. Tried this, didn't work and more Googling said you can shoehorn them in by resigning, altering INF files etc. I've done this before but this just didn't seem right to me consid
Read more

How to burn a USB stick for UEFI Windows 10 build when > 4 GB files are present

By -
Making a USB stick for boot with large files Some of the Windows 10 ISOs these days have files that are larger than 4 GB on them - I first found this with Fall Creators Update (FCU) and also useful tools like Media Creation Tool will sometimes fail. When I hit this problem I couldn't find much help for building USB images, as opposed to having imaging servers. So whether you've got your ISO from the Windows 10 download site or Visual Studio (replacing MSDN) then here's how you can sort it. NB You'll still need some form of license / activation of course. The reason that building the ISO on USB for UEFI will fail as that UEFI can't read NTFS (which can have large files) but needs FAT32 which has a 4 GB file limit. This hit me on the Surface Pro 4 but in theory could be a problem with many machines. Mount the ISO locally Format a blank USB with FAT32 - needed for UEFI boot (can’t use NTFS) copy all the files to the USB from the ISO. It will fail on copy
Read more

Setting up a SoftEther VPN server for personal use

By -
Having your own VPN server can be very useful for watching TV from home while travelling, and plenty of other reasons too. With Microsoft Azure putting servers in London I decided to have a go at building my own automated VPN server so I could learn more about Azure (I work for SwiftKey, now part of Microsoft). My team at work had suggested using SoftEther and I quickly agreed with them after seeing it in use. I had built SoftEther on other cloud providers but not built it in a way that survived reboots and automatically starting the VPN. As Ubuntu has changed to using systemd in Ubuntu 16.04 I thought I'd give that a go. I've documented what I've done below so I can remember and others might find helpful. I'm assuming basic knowledge of Linux, and also that you can work out how to use Azure or your preferred provider. As a side note I also configured this server while in Windows 10 using the new bash functionality  and ssh from there which was pretty cool. First o
Read more