Thread: Huge bash exploit CVE-2014-6271
View Single Post
Old 27-09-2014, 00:34   #13
qasdfdsaq
cf.mega poster
 
Join Date: Aug 2004
Posts: 11,207
qasdfdsaq is cast in bronzeqasdfdsaq is cast in bronzeqasdfdsaq is cast in bronzeqasdfdsaq is cast in bronze
qasdfdsaq is cast in bronzeqasdfdsaq is cast in bronzeqasdfdsaq is cast in bronzeqasdfdsaq is cast in bronzeqasdfdsaq is cast in bronzeqasdfdsaq is cast in bronzeqasdfdsaq is cast in bronzeqasdfdsaq is cast in bronzeqasdfdsaq is cast in bronzeqasdfdsaq is cast in bronzeqasdfdsaq is cast in bronzeqasdfdsaq is cast in bronzeqasdfdsaq is cast in bronzeqasdfdsaq is cast in bronze
Re: Huge bash exploit CVE-2014-6271
Quote:
Originally Posted by Qtx View Post
Automatic updates in production environments
Better than expecting end users to do their own updates.
Quote:
ISC has changed it's ThreatLevel/InfoCon to Yellow. First link is a nice metasploit module which acts as a DHCP, infecting machines that ask for an IP. All you have to do is attach the machine with it running on to a networkk... Some of the ITV link:
Wouldn't work on a decent corporate network that had DHCP snooping active. Quite easily exploitable on public hotspots though. However people have said elsewhere OS X's DHCP implementation is not vulnerable, nor is Windows for obvious reasons leaving just the small minority of Linux desktops (most servers I know would be on static addressing anyway).

---------- Post added at 01:34 ---------- Previous post was at 01:28 ----------

* Although I know and have worked with a good number of corporate networks vulnerable to all sorts of DHCP based attack, if you can set up a rogue DHCP server you can already intercept and modify all (non SSL) traffic on that network anyway, which gives you a far wider range of machines and vulnerabilities to attack if you just wanted a botnet.
qasdfdsaq is offline   Reply With Quote