• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

Shellshock BASH vulnerability in Linux distros

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.

magellan

Member
Joined
Jul 20, 2002
https://shellshocker.net/

The website includes tests to determine if your Linux install is vulnerable.

I'm glad that I've kept SELinux in enforcing mode, whether or not it'll stop
this exploit is another story.
 
I'm surprised there hasn't been more panic around this. I read about it the night it surfaced and expected people to go into crazy mode around work the next day like they did with Heartbleed, but so far I haven't heard a peep. Most of our severs here aren't internet facing, but they are 'vulnerable.' The ones that do face the internet are Windows machines running IIS anyway. It's crazy how this has been around for so long but only just now got discovered.

In any event, I doubt SELinux would be of much use to you in this case.
 
In my opinion, while this should get into the patch cycle ASAP, its not crazy unless you have exceptional circumstances. For example we have SFTP servers but after we did testing we determined this didnt really affect the sftp shells. Aside from this, most of the servers are internal only and thus you have to deal with disgruntled employees the same as usual.
 
I'd imagine SELinux might help to stop the mod_cgi and mod_cgid Shellshock vulnerabilities, because SELinux directly affects what the hpptd daemon can access as to binaries, files and directories.
I don't know if SELinux monitors or has a security context for sshd though.
 
Back