cloudstack-dev mailing list archives

From Demetrius Tsitrelis <Demetrius.Tsitre...@citrix.com>
Subject RE: Shellshock
Date Wed, 01 Oct 2014 17:59:01 GMT
Actually, I am not sure.  Only the env.cgi script is loaded and, while the other scripts are
in perl, there is nothing in the video which shows the source for the env.cgi script so it
may not be perl.

-----Original Message-----
From: Demetrius Tsitrelis [mailto:Demetrius.Tsitrelis@citrix.com] 
Sent: Wednesday, October 01, 2014 10:52 AM
To: <dev@cloudstack.apache.org>
Subject: RE: Shellshock

Interestingly, this video shows an attack against a perl script... https://www.youtube.com/watch?v=ArEOVHQu9nk

-----Original Message-----
From: Demetrius Tsitrelis [mailto:Demetrius.Tsitrelis@citrix.com]
Sent: Monday, September 29, 2014 6:13 PM
To: <dev@cloudstack.apache.org>
Subject: RE: Shellshock

http://systemvm-public-ip/cgi-bin/ipcalc is a perl script.

-----Original Message-----
From: Sheng Yang [mailto:sheng@yasker.org]
Sent: Monday, September 29, 2014 5:21 PM
To: <dev@cloudstack.apache.org>
Subject: Re: Shellshock

http://systemvm-public-ip/cgi-bin/ipcalc is NOT a bash script, so it's normal that it cannot
be exploited.

--Sheng

On Fri, Sep 26, 2014 at 1:57 PM, Demetrius Tsitrelis <Demetrius.Tsitrelis@citrix.com> wrote:

> Do you mean you tried setting the USER_AGENT like in
> https://community.qualys.com/blogs/securitylabs/2014/09/25/qualysguard-remote-detection-for-bash-shellshock
> ?
>
>
> -----Original Message-----
> From: Ian Duffy [mailto:ian@ianduffy.ie]
> Sent: Friday, September 26, 2014 6:56 AM
> To: CloudStack Dev
> Subject: Re: Shellshock
>
> Tried this against the latest system vms built on Jenkins.
>
> Didn't get a successful exploited response. Tested against
> http://systemvm-public-ip/cgi-bin/ipcalc
> On 25 Sep 2014 16:56, "Abhinandan Prateek" <agneya2001@gmail.com> wrote:
>
> >
> > After heart bleed we are Shell shocked
> > http://www.bbc.com/news/technology-29361794 !
> > It may not affect cloudstack directly as it is a vulnerability that 
> > affects bash, and allows the attacker to take control of the system 
> > running bash shell.
> >
> > -abhi
>
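The thread turns on which interpreter runs each CGI script and whether that interpreter ever starts bash. The following is an added example, not code from the thread or from CloudStack: it audits a cgi-bin directory by shebang line and flags scripts that are run by bash directly or that may start a child shell. The file names other than ipcalc, the sample file contents and the shell-out pattern are assumptions made for illustration.

```python
import os
import re
import tempfile
from pathlib import Path

# Heuristic (assumed, not exhaustive): constructs that can start a child shell.
SHELL_OUT = re.compile(rb"\b(system|popen|exec|shell_exec|qx)\b|`[^`\n]+`")

def interpreter(first_line):
    """Base name of the interpreter named in a shebang line, '' if none."""
    if not first_line.startswith(b"#!"):
        return ""
    parts = first_line[2:].decode("utf-8", "replace").split()
    # '#!/usr/bin/env perl': skip env, its options and VAR=value arguments.
    if parts and os.path.basename(parts[0]) == "env":
        parts = [p for p in parts[1:] if not p.startswith("-") and "=" not in p]
    return os.path.basename(parts[0]) if parts else ""

def classify(path, sh_is_bash):
    data = Path(path).read_bytes()
    interp = interpreter(data.split(b"\n", 1)[0].rstrip(b"\r"))
    if not interp:
        return "unknown"   # compiled binary or no shebang: inspect by hand
    if interp == "bash" or (interp == "sh" and sh_is_bash):
        return "direct"    # bash itself starts with the request's environment
    if SHELL_OUT.search(data):
        return "indirect"  # interpreter may hand that environment to a shell
    return "none"          # no shell start found by this heuristic

def audit(cgi_dir, sh_is_bash=None):
    if sh_is_bash is None:  # is /bin/sh on this host a link to bash?
        sh_is_bash = os.path.basename(os.path.realpath("/bin/sh")) == "bash"
    return {p.name: classify(p, sh_is_bash)
            for p in sorted(Path(cgi_dir).iterdir()) if p.is_file()}

def demo():
    # Constructed stand-ins; NOT the real contents of ipcalc or any system VM script.
    samples = {
        "ipcalc": b'#!/usr/bin/perl\nprint "Content-type: text/plain\\n\\nok\\n";\n',
        "status.cgi": b'#!/bin/bash\necho "Content-type: text/plain"\necho\nenv\n',
        "report.cgi": b'#!/usr/bin/env perl\nsystem("uptime");\n',
    }
    with tempfile.TemporaryDirectory() as d:
        for name, body in samples.items():
            Path(d, name).write_bytes(body)
        return audit(d, sh_is_bash=False)

if __name__ == "__main__":
    print(demo())
```

A "direct" or "indirect" result only marks a script for review on a host whose bash is unpatched; "none" means the pattern found no shell start, not that the script has been proven safe.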