Re: serious and widespread Bash vulnerability CVE-2014-6271

["Avdagic, Indir" <iavdagic () SEAS HARVARD EDU>]

Hi all,

Tenable just released a CGI plugin and a non-CGI plugin for Nessus:

Plugin ID: 77829: http://www.tenable.com/plugins/index.php?view=single&id=77829

Plugin ID: 77823: http://www.tenable.com/plugins/index.php?view=single&id=77823

Best,

~~Indir

______________________________________________________
Indir Avdagić, CISM, CISSP, ACSA, TICSA
Director of Information Security and Risk Management
& Int. Assoc. Director of Computing
Harvard University - SEAS
Email: indir_avdagic () harvard edu<mailto:iavdagic () seas harvard edu>
Phone: (617) 496-3502
______________________________________________________
P Think twice before you print
 CONFIDENTIALITY: This email (including any attachments) may contain confidential, proprietary and privileged 
information, and unauthorized disclosure or use is prohibited. If you received this email in error, please notify the 
sender and delete this email from your system.


From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Keller, 
Alex
Sent: Wednesday, September 24, 2014 9:56 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] serious and widespread Bash vulnerability CVE-2014-6271

Hi Folks,

This Bash vulnerability appears to be serious and widespread (CVSS 10/High):

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271
https://www.us-cert.gov/ncas/current-activity/2014/09/24/Bourne-Again-Shell-Bash-Remote-Code-Execution-Vulnerability

Best,
alex


[NCCIC / US-CERT]

National Cyber Awareness System:
Bourne Again Shell (Bash) Remote Code Execution 
Vulnerability<https://www.us-cert.gov/ncas/current-activity/2014/09/24/Bourne-Again-Shell-Bash-Remote-Code-Execution-Vulnerability>
09/24/2014 06:06 PM EDT

Original release date: September 24, 2014

US-CERT is aware of a Bash vulnerability affecting Unix-based operating systems such as Linux and Mac OS X. 
Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code on an affected system.

US-CERT recommends users and administrators review the Redhat Security 
Blog<https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/> 
for additional details and to refer to their respective Linux or Unix-based OS vendor(s) for an appropriate patch. A 
GNU Bash patch<http://lists.gnu.org/archive/html/bug-bash/2014-09/threads.html> is also available for experienced users 
and administrators to implement.

Operating systems with updates include:

  *   CentOS<http://lists.centos.org/pipermail/centos/2014-September/146099.html>
  *   Debian<https://www.debian.org/security/2014/dsa-3032>
  *   Redhat<https://access.redhat.com/site/solutions/1207723>


Alex Keller
Information Technology
Stanford School of Engineering
axkeller () stanford edu<mailto:axkeller () stanford edu>
(650) 736-6421
[SoE_IT_Logo]