A blog on Computer Science, Security, Programming, and more...

HeapSpray Blog » Security » View Post

29
Sep
2014

CVE-2014-6271 / shellshock

Written by Matt

Not affected because of suhosin + nginx + OpenBSD, chroot, extremely restrictive firewall and /dev/null as shell for nginx/php-fpm/pgsql user. Go layered security.

This whole thing seems blown out of proportion. If you're vulnerable to this you've been vulnerable to many other things for a while. This is simply easier as a mass-scan-and-exploit approach.

Topic: Security tags: OpenBSD, bash, exploits
  • Name and Email fields are optional
  • Your email will not be public, only the administrator can see it
  • You are rate limited to one comment for every 10 minutes
No.1 - Anonymous   2014-10-04 16:46
Part of the problem with "Shellshock" is that if you're either calling system or using bash scripts as CGI to begin with, you were doing it wrong. The DCHP thing is potentially a problem, but again, just don't connect to some network you don't know. Or just don't let dchp run shell scripts because that's fucking stupid. You're only vulnerable if you're using cpanel or some other multi-headed, bloated CMS like some kind of mongoloid.
No.2 - Anonymous ## Administrator ##   2014-10-05 4:48
@1 -- pretty much. The only real exploit I see for this would be the DHCP attack if someone is able to crack your wireless (or if you're connecting to public WiFi) and sends you a crafted request impersonating the DHCP server since it uses UDP. Though there's many other attacks you can do in that case either way.
No.3 - Anonymous   2014-10-05 8:41
@2 - Oh, dear, I fucked up spelling DHCP. Oops. But yeah, indeed. It's ludicrous that people are claiming this is wormable.The Apache Magika exploit by kingcope was, essentially, similar: cgis packed with Apache being exploitable under certain situations. It worked, but only on a fraction of the internet. Nobody said anything about that. I don't get where the hype for Shellshock is coming from.