{"id":317,"date":"2014-09-25T14:03:50","date_gmt":"2014-09-25T06:03:50","guid":{"rendered":"http:\/\/blog.boviner.com\/?p=317"},"modified":"2014-10-07T09:14:40","modified_gmt":"2014-10-07T01:14:40","slug":"oss-sec-cve-2014-6271-remote-code-execution-through-bash","status":"publish","type":"post","link":"https:\/\/tongwing.woon.sg\/blog\/oss-sec-cve-2014-6271-remote-code-execution-through-bash\/","title":{"rendered":"oss-sec: CVE-2014-6271: remote code execution through bash"},"content":{"rendered":"<p><a href='http:\/\/seclists.org\/oss-sec\/2014\/q3\/649'>oss-sec: CVE-2014-6271: remote code execution through bash<\/a>.<\/p>\n<p>This is serious. Bash is the default shell used by most *nix users. Lots of public web servers out there will be vulnerable if not updated. Someone could write an exploit that infects one machine and turn that machine into an agent for infecting others.<\/p>\n<p>Update (2014-09-25): Ok it <a href=\"https:\/\/gist.github.com\/anonymous\/929d622f3b36b00c0be1\">is happening<\/a>.<\/p>\n<p>Update (2014-09-26): <a href=\"http:\/\/www.troyhunt.com\/2014\/09\/everything-you-need-to-know-about.html\">Everything you need to know about the Shellshock Bash bug<\/a><\/p>\n<blockquote><p>\nThe headlines state everything through 4.3 or in other words, about 25 years\u2019 worth of Bash versions\n<\/p><\/blockquote>\n<p>Update (2014-10-07): <a href=\"http:\/\/www.futuresouth.us\/yahoo_hacked.html\">Winzip and possibly Yahoo<\/a> has been compromised<\/p>\n","protected":false},"excerpt":{"rendered":"<p>oss-sec: CVE-2014-6271: remote code execution through bash. This is serious. Bash is the default shell used by most *nix users. Lots of public web servers out there will be vulnerable if not updated. Someone could write an exploit that infects one machine and turn that machine into an agent for infecting others. Update (2014-09-25): Ok [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[],"_links":{"self":[{"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/posts\/317"}],"collection":[{"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/comments?post=317"}],"version-history":[{"count":6,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/posts\/317\/revisions"}],"predecessor-version":[{"id":332,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/posts\/317\/revisions\/332"}],"wp:attachment":[{"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/media?parent=317"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/categories?post=317"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tongwing.woon.sg\/blog\/wp-json\/wp\/v2\/tags?post=317"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}