[amres-info] Security vulnerability in the Bash software package (CVE-2014-6271)
Miloš Kukoleča
milos.kukoleca at amres.ac.rs
Fri Sep 26 11:11:23 CEST 2014
Dear colleagues,
A new security vulnerability has been discovered in the Bash software package. This
vulnerability affects all the better-known Linux distributions (CentOS, Debian, RedHat,
Ubuntu) and Mac OS X. By exploiting the bug in the Bash package, an attacker can execute
malicious scripts on a remote server by injecting specially crafted
global (environment) variables. Potentially affected services are:
- Apache HTTP server
- DHCP
- SSHD, telnet, etc.
You can check whether your server is affected by this vulnerability by running
the following command in a CLI environment:
#env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
The operating system is vulnerable if you get the following message:
vulnerable
this is a test
The operating system is not vulnerable if you get the following message:
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test
Please check your Linux servers and update the Bash software package,
since all distributions have released the latest patch. Below we
refer you to the relevant links for the individual distributions.
CentOS/RedHat operating system:
http://lists.centos.org/pipermail/centos/2014-September/146099.html
https://rhn.redhat.com/errata/RHSA-2014-1306.html
Debian operating system:
https://www.debian.org/security/2014/dsa-3032
Ubuntu operating system:
http://www.ubuntu.com/usn/usn-2363-1/
Kind regards,
AMRES CSIRT team
Akademska mreža Republike Srbije
Bulevar Kralja Aleksandra 90, 11000 Beograd, Srbija
Tel: +381 11 7158 942
Fax: +381 11 3370 288
Email csirt at amres.ac.rs
Internet: http://www.amres.ac.rs
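
The check described in the advisory above, wrapped as a script that runs it against each bash binary found on a host and classifies the output. This is an added example, not part of the original advisory; the function names and the list of candidate paths are assumptions.

```shell
#!/bin/sh
# Added example: automates the advisory's CVE-2014-6271 test.
# Function names and candidate paths below are assumptions.

# Classify captured output of the test command.
# Prints: vulnerable | not-vulnerable | unknown
classify_output() {
    out=$1
    # The command appended after the function body ran:
    # a line consisting only of "vulnerable" is present.
    if printf '%s\n' "$out" | grep -qx 'vulnerable'; then
        echo vulnerable
    # Only the intended command ran. Bash with the first patch also prints
    # the two warnings quoted in the advisory; builds with later fixes
    # print just this line. Both count as not vulnerable.
    elif printf '%s\n' "$out" | grep -qx 'this is a test'; then
        echo not-vulnerable
    else
        echo unknown
    fi
}

# Run the advisory's test against one bash binary (default: bash from PATH).
check_bash() {
    shell=${1:-bash}
    if ! command -v "$shell" >/dev/null 2>&1; then
        echo not-found
        return 0
    fi
    out=$(env x='() { :;}; echo vulnerable' "$shell" -c "echo this is a test" 2>&1) || true
    classify_output "$out"
}

# A host can carry more than one bash (e.g. a locally built copy),
# so test each candidate path rather than only the one in PATH.
check_all() {
    for b in /bin/bash /usr/bin/bash /usr/local/bin/bash; do
        if [ -x "$b" ]; then
            printf '%s: %s\n' "$b" "$(check_bash "$b")"
        fi
    done
    return 0
}

check_all
```

An `unknown` result means the shell did not run the inner command at all and should be inspected by hand.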