
Re: [LUG] bash vulnerability

On Fri, 26 Sep 2014, Martijn Grooten wrote:

On Fri, Sep 26, 2014 at 09:39:41AM +0100, Gordon Henderson wrote:
So on the surface home PCs, etc. are fine - no need to worry about
them for now.

I'm at a conference at the moment so I've not read up on all the
details, though I've spoken about it to many people (it's a security
conference). It seems some DHCP clients are vulnerable. So for some
fairly broad version of "etc.", you can get root access on them if
you're on the same WiFi network. So that does sound like something to
worry about.

The DHCP part relies on several things happening - the first is that someone sets up a Wi-Fi access point that has the potential to inject the vulnerability and another is that you then use that access point, and that you're running a DHCP client that parses a shell script...

A starting point would be making sure your mobile devices don't automatically connect to open Wi-Fi access points.

This may be an issue if you're out and about - hopefully not at home.

And I have seen a DHCP server written in Perl that can inject a vulnerability.

People have compared it with Heartbleed, where the attack was easy to
execute. This is more tricky, but the number of ways you could exploit
this is much bigger. With Heartbleed, if you couldn't patch, you could
probably fend off attacks on the firewall - here I would be less
confident such a thing is possible.

For web access you can validate every single URL that gets sent to the real web server before it hits the real server. Such devices exist - usually aimed at the slightly bigger user. Let's hope they themselves don't use bash as part of their processing!

Gordon
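The two points Gordon raises, a DHCP client that hands option values to a bash hook script and a device that validates every request before it reaches the real web server, come down to the same check at the boundary. The following is an added example, not code from this thread or from any product: a small Python filter that flags values carrying the exported-function prefix bash recognised ("()" followed by "{"), which is what the bash bug being discussed is triggered by. It assumes the filter sits where it can see raw HTTP header values and decoded DHCP option values; the request and lease samples are constructed for the example, and the hook-script assumption (dhclient exporting options such as host-name and domain-name into the environment) is stated in the comments.

```python
"""Boundary filter for the bash exported-function bug (added example).

Assumes an inline gateway (reverse proxy or DHCP client hook) can inspect
raw values before any bash process inherits them in its environment.
"""
import re
from typing import Dict, List, Tuple
from urllib.parse import unquote

# bash recognised an exported function in an environment variable by a
# value beginning with "()" followed by "{". Matching the prefix loosely
# (anywhere in the value, any whitespace between ")" and "{") resists
# evasion by padding; what follows the prefix never needs to be parsed.
FUNC_IMPORT = re.compile(r"\(\)\s*\{")


def is_function_import(value: str) -> bool:
    """True if VALUE carries the bash function-definition prefix."""
    return FUNC_IMPORT.search(value) is not None


def parse_http_request(raw: str) -> Tuple[str, Dict[str, str]]:
    """Split a raw HTTP/1.x request head into (request line, headers)."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        if not line:
            continue
        name, _, value = line.partition(":")
        headers[name.strip()] = value.strip()
    return lines[0], headers


def check_http_request(raw: str) -> List[str]:
    """Return the request parts that carry the function-import pattern.

    The request line is checked after percent-decoding, because a CGI
    server decodes it before exporting QUERY_STRING and friends, so an
    encoded "%28%29%20%7B" would reach bash as "() {".
    """
    request_line, headers = parse_http_request(raw)
    hits: List[str] = []
    if is_function_import(unquote(request_line)):
        hits.append("request-line")
    for name, value in headers.items():
        if is_function_import(value):
            hits.append(name)
    return hits


def check_dhcp_options(options: Dict[int, bytes]) -> List[int]:
    """Return DHCP option codes whose value carries the pattern.

    Assumption: a dhclient-style client exports options (e.g. 12 host-name,
    15 domain-name) as environment variables for its hook scripts, so the
    same prefix check applies. Values are decoded as latin-1 so that no
    byte sequence can fail decoding and slip past the check.
    """
    return [code for code, raw in options.items()
            if is_function_import(raw.decode("latin-1"))]


# Constructed samples (not captured traffic).
BENIGN_REQUEST = ("GET /index.html HTTP/1.1\r\n"
                  "Host: www.example.com\r\n"
                  "User-Agent: Mozilla/5.0 (X11; Linux x86_64)\r\n\r\n")
HOSTILE_REQUEST = ("GET /cgi-bin/status HTTP/1.1\r\n"
                   "Host: www.example.com\r\n"
                   "User-Agent: () { :;}; echo test\r\n\r\n")
ENCODED_REQUEST = ("GET /cgi-bin/status?x=%28%29%20%7B%20%3A%3B%7D%3B%20echo%20test"
                   " HTTP/1.1\r\n"
                   "Host: www.example.com\r\n\r\n")
BENIGN_LEASE = {12: b"laptop", 15: b"lan.example.com"}
HOSTILE_LEASE = {12: b"laptop", 15: b"() { :;}; echo test"}

if __name__ == "__main__":
    for label, req in (("benign", BENIGN_REQUEST), ("hostile", HOSTILE_REQUEST),
                       ("encoded", ENCODED_REQUEST)):
        print(label, "request ->", check_http_request(req) or "clean")
    for label, lease in (("benign", BENIGN_LEASE), ("hostile", HOSTILE_LEASE)):
        print(label, "lease ->", check_dhcp_options(lease) or "clean")
```

The loose match will also flag any legitimate text containing "() {", for example a shell snippet pasted into a form field, so in front of a real web server this is a candidate for blocking only on inputs that actually end up in a CGI environment, and for logging everywhere else. On the DHCP side a rejected lease means no address rather than a root shell, which is the safer failure.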

--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq