Welcome to the Builder Academy

Important PLEASE PATCH SERVER

More
27 Sep 2014 00:10 #5072 by Kewlb
PLEASE PATCH SERVER was created by Kewlb
Rumble,

I want to make sure that you have applied any updates required for the bash exploit to the linux VM that runs the website and mud. Please send me an e-mail to bclark (at) thinkanew dot com with confirmation that this has been completed.

Please Log in or Create an account to join the conversation.

More
27 Sep 2014 02:47 #5073 by Rumble
Replied by Rumble on topic PLEASE PATCH SERVER
Welcor got to it 4 hours before your post :-) Thanks again for the excellent hosting.

Rumble
The Builder Academy
tbamud.com 9091
rumble@tbamud.com

Please Log in or Create an account to join the conversation.

More
02 Oct 2014 18:22 #5077 by thomas
Replied by thomas on topic PLEASE PATCH SERVER
And again now - more vulnerabilites are fixed by the latest bash.

Using testscript from github.com/hannob/bashcheck/blob/master/bashcheck
Code:
thomas@tbamud:~$ ./bashck Testing /bin/bash ... GNU bash, version 4.2.25(1)-release (x86_64-pc-linux-gnu) Variable function parser active, maybe vulnerable to unknown parser bugs Not vulnerable to CVE-2014-6271 (original shellshock) Not vulnerable to CVE-2014-7169 (taviso bug) Vulnerable to CVE-2014-7186 (redir_stack bug) Test for CVE-2014-7187 not reliable without address sanitizer Vulnerable to CVE-2014-6277 (lcamtuf bug #1) Vulnerable to CVE-2014-6278 (lcamtuf bug #2) thomas@tbamud:~$ sudo apt-get update ... thomas@tbamud:~$ sudo apt-get upgrade ... thomas@tbamud:~$ ./bashck Testing /bin/bash ... GNU bash, version 4.2.25(1)-release (x86_64-pc-linux-gnu) Variable function parser pre/suffixed [(), redhat], bugs not explitable Not vulnerable to CVE-2014-6271 (original shellshock) Not vulnerable to CVE-2014-7169 (taviso bug) Not vulnerable to CVE-2014-7186 (redir_stack bug) Test for CVE-2014-7187 not reliable without address sanitizer Found non-exploitable CVE-2014-6277 (lcamtuf bug #1) Found non-exploitable CVE-2014-6278 (lcamtuf bug #2)
The following user(s) said Thank You: zusuk

Please Log in or Create an account to join the conversation.

Time to create page: 0.177 seconds