Jump to content
Eternal Lands Official Forums
Sign in to follow this  
Devnul

Critical bash bug - remote code execution.

Recommended Posts

Or whatever command your distribution uses for upgrades...

 

We're not all using debian-based distro's :P

Share this post


Link to post
Share on other sites

Do not panic, if you don't run a server. For desktop computers which you use alone or only by trusted people this bug is not that severe as there's most likely no attack vector, save maybe java in your browser, which is an attack vector no matter what. For a remote attacker to exploit it, you must have running a service which allows execution of (unpriviliged) shell code. This can possibly be done indirectly via some other service like a web service with forms which are parsed or similar. But that's generally not the case on desktops.

 

Also, every reasonable distribution has fixed it meanwhile, most fixed it within hours. And it should be part of the usual updates one receives (and you always install updates when your system notifies you, don't you? :D).

Edited by Elke

Share this post


Link to post
Share on other sites

DO NOT PANIC! Said Yahoo administrator and ...

 

http://webcache.googleusercontent.com/search?q=cache%3Awww.futuresouth.us%2Fyahoo_hacked.html

Website from cache, since the original one goes up and down, I wonder why ... NOT!

 

Original: http://www.futuresouth.us/yahoo_hacked.html

 

Yahoo runs web services. They are open to exploits.

You are more or less safe if you don't have services that listen to the outside world on your personal computer.

 

Those bugs are due to the lack of code auditing so it is good that they are being found and addressed.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×