cloudstack-dev mailing list archives

From Demetrius Tsitrelis <Demetrius.Tsitre...@citrix.com>
Subject RE: Shellshock
Date Tue, 30 Sep 2014 18:42:03 GMT
When I do "echo $SHELL" on the Virtual Router instance I see "/bin/bash".

-----Original Message-----
From: Go Chiba [mailto:go.chiba@gmail.com] 
Sent: Tuesday, September 30, 2014 8:38 AM
To: dev@cloudstack.apache.org
Subject: Re: Shellshock

Hi folks,

From my digging, ipcalc includes a system() function call, but our Debian-based system VMs
use dash as the system shell. So I think this Shellshock concern does not directly affect the
system VM cgi-bin, right?

GO

from my iPhone

2014/09/30 10:13, Demetrius Tsitrelis <Demetrius.Tsitrelis@citrix.com> wrote:

> http://systemvm-public-ip/cgi-bin/ipcalc is a perl script.
> 
> -----Original Message-----
> From: Sheng Yang [mailto:sheng@yasker.org]
> Sent: Monday, September 29, 2014 5:21 PM
> To: <dev@cloudstack.apache.org>
> Subject: Re: Shellshock
> 
> http://systemvm-public-ip/cgi-bin/ipcalc is NOT a bash script, so it's normal that it cannot be exploited.
> 
> --Sheng
> 
>> On Fri, Sep 26, 2014 at 1:57 PM, Demetrius Tsitrelis <Demetrius.Tsitrelis@citrix.com> wrote:
>> 
>> Do you mean you tried setting the USER_AGENT like in
>> https://community.qualys.com/blogs/securitylabs/2014/09/25/qualysguard-remote-detection-for-bash-shellshock
>> ?
>> 
>> 
>> -----Original Message-----
>> From: Ian Duffy [mailto:ian@ianduffy.ie]
>> Sent: Friday, September 26, 2014 6:56 AM
>> To: CloudStack Dev
>> Subject: Re: Shellshock
>> 
>> Tried this against the latest system vms built on Jenkins.
>> 
>> Didn't get a successful exploited response. Tested against
>> http://systemvm-public-ip/cgi-bin/ipcalc
>>> On 25 Sep 2014 16:56, "Abhinandan Prateek" <agneya2001@gmail.com> wrote:
>>> 
>>> 
>>> After heart bleed we are Shell shocked
>>> http://www.bbc.com/news/technology-29361794 !
>>> It may not affect cloudstack directly as it is a vulnerability that 
>>> affects bash, and allows the attacker to take control of the system 
>>> running bash shell.
>>> 
>>> -abhi
>> 
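
An added example, not from any message in this thread: a local audit for the distinction the discussion turns on. `$SHELL` reports the login shell, while Perl's `system()` hands a command string containing shell metacharacters to `/bin/sh -c`, so the check resolves `/bin/sh` and probes `/bin/bash` separately. The function names are hypothetical, and the probe string is the widely published local environment test.

```shell
#!/bin/sh
# Added example: local audit of which shell system() reaches on this host.

# Follow symlinks such as /bin/sh -> dash; fall back to the path itself.
resolve_shell() {
    readlink -f "$1" 2>/dev/null || echo "$1"
}

# Probe one bash binary with the widely published local environment test.
# A bash that imports the function also runs the trailing echo.
# Prints: absent | vulnerable | patched
bash_status() {
    bash_bin=$1
    [ -x "$bash_bin" ] || { echo absent; return 0; }
    out=$(env 'probe=() { :;}; echo IMPORTED' "$bash_bin" -c ':' 2>/dev/null)
    case $out in
        *IMPORTED*) echo vulnerable ;;
        *)          echo patched ;;
    esac
}

# Verdict for CGI programs that shell out through /bin/sh.
# $1 = basename of resolved /bin/sh, $2 = bash_status output
cgi_exposure() {
    case "$1:$2" in
        bash:vulnerable) echo exposed ;;
        bash:*)          echo sh-is-patched-bash ;;
        # dash passes the environment on unchanged, so a bash started
        # further down the call chain would still parse it.
        *:vulnerable)    echo bash-vulnerable-not-sh ;;
        *)               echo not-exposed ;;
    esac
}

audit() {
    sh_real=$(resolve_shell /bin/sh)
    st=$(bash_status /bin/bash)
    echo "login shell (\$SHELL): ${SHELL:-unset}"
    echo "/bin/sh resolves to:   $sh_real"
    echo "/bin/bash status:      $st"
    echo "verdict:               $(cgi_exposure "$(basename "$sh_real")" "$st")"
}

audit
```

A `bash-vulnerable-not-sh` verdict still calls for patching bash, since any script on the host that names bash explicitly inherits the same environment.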
