Atualizem seus servidores!
Urgente! :-/
"An attacker can provide specially-crafted
environment variables containing arbitrary commands that will be
executed on vulnerable systems under certain conditions."
Slackware:
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.522193
CentOS:
http://lwn.net/Alerts/CentOS/
RedHat:
https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
Ubuntu/Ubuntu Server:
http://www.ubuntu.com/usn/usn-2362-1/
Nenhum comentário:
Postar um comentário