|
I created a quick Youtube video to summarize the impact of the vulnerability. The tricky part is that there is a huge vulnerable population out there, but the impact is limited as in most cases, the vulnerability is not exposed. Feel free to share the video or the slides. I am making PPT and PDF versions available below
PDF Version of Slides --- |
Johannes 3481 Posts ISC Handler |
| Reply Subscribe |
Sep 25th 2014 4 years ago |
|
Possible error in presentation:
In presentation it says "Not an issue for clients. It is a server problem" which is not technically correct. From everything I have seen DHCP client and dhclient is a client problem for this vulnerability. |
NoLemmingsPlease 5 Posts |
| Reply Quote |
Sep 25th 2014 4 years ago |
|
Can you provide the link to the video?
|
NoLemmingsPlease 4 Posts |
| Reply Quote |
Sep 25th 2014 4 years ago |
|
added video link. Sorry for missing that earlier.
As for the client vs. server: yes, in the DHCP scenario, it is a client problem. But this scenario is less likely to be exploited. |
Johannes 3481 Posts ISC Handler |
| Reply Quote |
Sep 25th 2014 4 years ago |
|
Well, I'd mention that although this is not meant for clients, the side-effect on this would be to attack through a legit site for whatever reason, say serving adware/malware/APT campaigns... So the end of this may have a much deeper impact on clients thinking they're doing "safe" browsing. Nasty vuln in the end... Thx for the video, great stuff
|
Johannes 1 Posts |
| Reply Quote |
Sep 26th 2014 4 years ago |
|
your slide are missing one critical point:
it is not just CGI though bash, the vuln hits any CGI that calls system() opne() or popen(). i can confirm that python and perl are vulnerable to this and found as couple of gitweb-server that might be exploited. a sidenote: /bin/sh has to be a symlink to /bin/bash for this to happen, and fortunately debian is safe, while redhat/sles are vulnerable. regards, markus |
Johannes 5 Posts |
| Reply Quote |
Sep 26th 2014 4 years ago |
|
I suspect that windows clients with Cygwin may end up a being an end user issue. http://cygwin.com/packages/
|
Johannes 2 Posts |
| Reply Quote |
Sep 26th 2014 4 years ago |
|
I'm wondering also about MAMP for Windows, http://www.mamp.info/en/mamp_windows.html. Btw MAMP for MAC OS is Vulnerable.
|
mascalz1 1 Posts |
| Reply Quote |
Sep 29th 2014 4 years ago |
Sign Up for Free or Log In to start participating in the conversation!
