'Deadly serious' new vulnerability found

         

Lame_Wolf

12:11 pm on Sep 25, 2014 (gmt 0)




A "deadly serious" bug potentially affecting hundreds of millions of computers, servers and devices has been discovered.

The flaw has been found in a software component known as Bash, which is a part of many Linux systems as well as Apple's Mac operating system.


The problem is particularly serious given that many web servers are run using the Apache system, software which includes the Bash component.


[bbc.co.uk...]

graeme_p

12:31 pm on Sep 25, 2014 (gmt 0)




It has already been discussed in the *nix forum.

The BBC are inaccurate as usual: it is only a problem if you are passing unsanitised user input through Bash. Apache only does this for piped logs in 2.2 and below, and it does not "include" Bash, just uses it.

Other than that: Bash CGI, weak configurations of SSH together with a malicious user...

Debian and RH have patched, Ubuntu is not vulnerable because it uses dash for scripts.

engine

1:33 pm on Sep 25, 2014 (gmt 0)