You are Here:
Download Linux Lite 5.6 Final today - See Release Announcements



X Close Ad
X Close Ad
Bash vulnerability

Author (Read 3470 times)

0 Members and 1 Guest are viewing this topic.

Bash vulnerability
« on: September 25, 2014, 10:04:01 AM »
 

newtusmaximus

  • Gold Level Poster
  • *******
  • 676
    Posts
  • Country: gb
  • Reputation: 67
  • Paypal Supporter.

  • Linux Lite: 3.8 64bit

  • CPU: Intel Core duo 6300 1.86GHz

  • MEMORY: 4Gb

  • VIDEO CARD: Intel 82Q963/Q965

  • Kernel: 5.x
http://www.bbc.co.uk/news/technology-29361794

What does this mean  for us?  reason for using linux was to be free from threats.
Last Edit: September 25, 2014, 03:10:11 PM by Valtam
2006 - HP DC7700p ultraslim Desktop Intel 6300 cpu  4GB Ram LL3.8 64bit.
2007 - Fujitsu Siemens V3405 Laptop  2 GB Ram LL3.6 32bit. Now 32bit Debian 9 + nonfree.
2006 - Fujitsu Siemens Si1520 Laptop Intel T720 cpu 3GB Ram   LL5.6 64 Bit
2003 - RETIRED Toshiba Satellite Pro A10 1 GB RAM LL2.8 32bit
 


Re: Deadly serious' new vulnerability found
« Reply #1 on: September 25, 2014, 10:51:16 AM »
 

Wirezfree

  • PayPal Supporter
  • Platinum Level Poster
  • *****
  • 1484
    Posts
  • Country: gb
  • Reputation: 405
  • Linux Lite "Advocate"

  • Linux Lite: 2.8 64bit

  • CPU: i7-4790S

  • MEMORY: 16Gb

  • VIDEO CARD: Intel HD4600 (Integrated)
http://www.bbc.co.uk/news/technology-29361794

What does this mean  for us?  reason for using linux was to be free from threats.

Look at this existing thread:
https://www.linuxliteos.com/forums/index.php?topic=925.msg5450;topicseen#msg5450

or just cut to the chase
Code: [Select]
env x='() { :;}; echo vulnerable' bash -c 'echo hello'
If vulnerable:
Code: [Select]
sudo apt-get update && sudo apt-get install bash
David
Upgrades WIP 2.6 to 2.8 - (6 X 2.6 to 2.8 completed on: 20/02/16 All O.K )
Linux Lite 3.0 Humming on a ASRock N3070 Mobo ~ btrfs RAID 10 Install on 4 Disks :)

Computers Early days:
ZX Spectrum(1982) , HP-150 MS-DOS(1983) , Amstrad CPC464(1984) ,  BBC Micro B+64(1985) , My First PC HP-Vectra(1987)
 

Re: Deadly serious' new vulnerability found
« Reply #2 on: September 25, 2014, 11:27:50 AM »
 

ohjrson

  • Forum Regular
  • ***
  • 170
    Posts
  • Country: ca
  • Reputation: 12
  • Linux Lite Member

  • Linux Lite: 4.8 64bit

  • CPU: Quad core

  • MEMORY: 32Gb

  • Kernel: 4.x
Ok I did this and this is what I got.

[email protected]:~$ env x='() { :;}; echo vulnerable' bash -c 'echo hello'
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
hello
[email protected]:~$

What does all that mean? and what do I do now?
Ok just ran this: dpkg -s bash | grep Version
and got this: Version: 4.3-7ubuntu1.1

So That means I am good. Now is that what is installed with all of LL 2.0? Cause I just installed Beryl onto that other laptop Is that ok?

Thanks.
Last Edit: September 25, 2014, 11:32:38 AM by ohjrson
LL 4.8 on Dell Power Edge T310 Quad core 32g
LL 4.8 Acer E5-722-49HD A4-7210 Quad core
LL 5.0 Acer AX3812-E9502 intel Quad core
LL 5.0 Dell Optiplex 755 intel Core 2 duo
LL 3.8 on Acer Aspire 3000 AMD processor
Simple, Fast, Efficient, Free, and Beats Windows all to hell.
 

Re: Deadly serious' new vulnerability found
« Reply #3 on: September 25, 2014, 11:38:53 AM »
 

bitsnpcs

  • Platinum Level Poster
  • **********
  • 3237
    Posts
  • Country: 00
  • Reputation: 305
    • Try to Grow

  • Linux Lite: 3.2 64bit

  • Kernel: 4.x
Hello,
this is addressed/fixed by installing an available update either by doing -
Menu>Favorites>Install Updates
or
Menu>All>Install Updates
Whichever is your preferred method for opening updates.

More info is found on this thread - https://www.linuxliteos.com/forums/index.php?topic=925.0
Last Edit: September 25, 2014, 11:43:13 AM by bitsnpcs
 

Re: Deadly serious' new vulnerability found
« Reply #4 on: September 25, 2014, 11:39:15 AM »
 

Wirezfree

  • PayPal Supporter
  • Platinum Level Poster
  • *****
  • 1484
    Posts
  • Country: gb
  • Reputation: 405
  • Linux Lite "Advocate"

  • Linux Lite: 2.8 64bit

  • CPU: i7-4790S

  • MEMORY: 16Gb

  • VIDEO CARD: Intel HD4600 (Integrated)
Ok I did this and this is what I got.

[email protected]:~$ env x='() { :;}; echo vulnerable' bash -c 'echo hello'
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
hello
[email protected]:~$

What does all that mean? and what do I do now?
Ok just ran this: dpkg -s bash | grep Version
and got this: Version: 4.3-7ubuntu1.1

So That means I am good. Now is that what is installed with all of LL 2.0? Cause I just installed Beryl onto that other laptop Is that ok?

Thanks.

Hi

Well I followed those instructions...
It said I was Vulnerable...
I did the update... and then just got "Hello"
So from the instructions I assume it's O.K

David
Upgrades WIP 2.6 to 2.8 - (6 X 2.6 to 2.8 completed on: 20/02/16 All O.K )
Linux Lite 3.0 Humming on a ASRock N3070 Mobo ~ btrfs RAID 10 Install on 4 Disks :)

Computers Early days:
ZX Spectrum(1982) , HP-150 MS-DOS(1983) , Amstrad CPC464(1984) ,  BBC Micro B+64(1985) , My First PC HP-Vectra(1987)
 

Re: Deadly serious' new vulnerability found
« Reply #5 on: September 25, 2014, 12:02:18 PM »
 

ohjrson

  • Forum Regular
  • ***
  • 170
    Posts
  • Country: ca
  • Reputation: 12
  • Linux Lite Member

  • Linux Lite: 4.8 64bit

  • CPU: Quad core

  • MEMORY: 32Gb

  • Kernel: 4.x
Check the version and see what it says.

Run this in terminal window: dpkg -s bash | grep Version
Paste results back in here.
LL 4.8 on Dell Power Edge T310 Quad core 32g
LL 4.8 Acer E5-722-49HD A4-7210 Quad core
LL 5.0 Acer AX3812-E9502 intel Quad core
LL 5.0 Dell Optiplex 755 intel Core 2 duo
LL 3.8 on Acer Aspire 3000 AMD processor
Simple, Fast, Efficient, Free, and Beats Windows all to hell.
 

Re: Deadly serious' new vulnerability found
« Reply #6 on: September 25, 2014, 01:44:28 PM »
 

Jerry

  • Linux Lite Creator
  • Administrator
  • Platinum Level Poster
  • *****
  • 8178
    Posts
  • Country: nz
  • Reputation: 761
  • Linux Lite Member
    • Linux Lite OS

  • Linux Lite: 5.6 64bit

  • CPU: Intel Core i9-10850K CPU @ 3.60GHz

  • MEMORY: 32Gb

  • VIDEO CARD: nVidia GeForce GTX 1650

  • Kernel: 5.x
http://www.bbc.co.uk/news/technology-29361794

What does this mean  for us?  reason for using linux was to be free from threats.

There is no such thing as a vulnerable free operating system, it's technologically impossible. If I had a choice between windows that has vulnerabilities numbering in the millions vs linux that has a few, I know what side I'd rather be on.

Please continue this discussion over here - https://www.linuxliteos.com/forums/index.php?topic=925.0 this is the original thread. Thank you.
Last Edit: September 25, 2014, 01:46:56 PM by Valtam
 


Tags:
 

X Close Ad
X Close Ad

Download Linux Lite 5.6 Final today - See Release Announcements