Tagbugs

Bug in Bash shell creates big security hole on anything with *nix in it

Mac OS X Mavericks is also a *nix, and also vulnerable to the Bash bug.Sean Gallagher UPDATE, 9/25: The Bash vulnerability, now dubbed by some as “Shellshock,” has been reportedly found in use by an active exploit against Web servers. Additionally, the initial patch for the vulnerability was incomplete and still allows for attacks to succeed, according to a new CERT alert. See Ars’ latest report for further details, our initial report is below. A security vulnerability in the GNU Bourne Again Shell (Bash), the command-line shell used in many Linux and Unix operating systems, could leave systems running those operating systems open to exploitation by specially crafted attacks. “This issue is especially dangerous as there are many possible ways Bash can be called …

Original Article Can Be Found Here:

Bug in Bash shell creates big security hole on anything with *nix in it

How To Check If Your Mac or Linux Machine Is Vulnerable to Shellshock

Shellshock, the newly discovered vulnerability that allows attackers to inject code into your machine, puts your Mac or Linux at a serious risk for malicious attacks. Here’s how to test if your machine is vulnerable. Shellshock uses a bash script to access your computer. From there, they can launch programs, enable features, and access files. The script only affects UNIX-based systems, so Linux and Mac are the only ones vulnerable. You can test your system by running this test command from Terminal: env x='() :;; echo vulnerable’ bash -c ‘echo hello’ If you’re not vulnerable, you’ll get this result: bash: warning: x: ignoring function definition attempt bash: error importing function definition for `x’ hello If you are vulnerable, you’ll get: vulnerable hello You can also…

View original:

How To Check If Your Mac or Linux Machine Is Vulnerable to Shellshock

Checkmarx Heartbleed Vaccination Now Available

Checkmarx Heartbleed Vaccination Now Available – Posted by Sharon Solomon on Tue, April 29, 2014 @ 04:43 PM

Checkmarx has now released an update that scans your application source code for the Heartbleed-vulnerable library code. The Heartbleed vulnerability had affected almost half a million secure web servers, certified by trusted authorities, by the time it was exposed. The bad news is that the problem still exists. More than 2% of the Alexa world top 1,000,000 websites are still susceptible to attack.

All You Wanted to Know About the Heartbleed Vulnerability

Heartbleed is a bug in the basic implementation of open-source OpenSSL Checkmarx CTO Maty Siman told reporters after the bug was exposed. Many security problems, like Heartbleed, can be traced to the original code written by …

See original article here:

Checkmarx Heartbleed Vaccination Now Available

© 2020 Paul Parisi

Theme by Anders NorénUp ↑