quinta-feira, 25 de setembro de 2014

BASH - Falha de segurança!


Atualizem seus servidores!
Urgente! :-/

"An attacker can provide specially-crafted environment variables containing arbitrary commands that will be executed on vulnerable systems under certain conditions."

Slackware:
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.522193

CentOS:
http://lwn.net/Alerts/CentOS/

RedHat:
https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/

Ubuntu/Ubuntu Server:
http://www.ubuntu.com/usn/usn-2362-1/

Nenhum comentário:

Postar um comentário