Active Topics
-
Firefox with Leste (5)
to Maemo 7 / Leste by teroyk - 4 days, 13 hrs ago -
Handbook (2)
to Maemo 7 / Leste by teroyk - 5 days, 12 hrs ago - more...
|
2014-09-25
, 19:33
|
|
Posts: 2,076 |
Thanked: 3,268 times |
Joined on Feb 2011
|
#22
|
Originally Posted by coderus
Wouldn't bet too much money on that. Original patch had some issues (rather quickly someone came with an example how to still exploit it, though supposedly less severely), most opinions are that there will be a few patches as people come up with more examples. At least some patch I hope will be delivered
fix will be included in upcoming sailfish update, you can be sure
 |
|
2014-09-25
, 19:51
|
|
Posts: 4,708 |
Thanked: 4,649 times |
Joined on Oct 2007
@ Bulgaria
|
#23
|
https://together.jolla.com/question/...#post-id-56855
This is the official answer, the thread was closed
Oh, some gory details on the first 0day exploit malware (botnet it seems):
http://www.kernelmode.info/forum/vie...&t=3505#p23987
Last edited by Bundyo; 2014-09-25 at 19:54.
This is the official answer, the thread was closed
Oh, some gory details on the first 0day exploit malware (botnet it seems):
http://www.kernelmode.info/forum/vie...&t=3505#p23987
__________________
Technically, there are three determinate states the cat could be in: Alive, Dead, and Bloody Furious.
Technically, there are three determinate states the cat could be in: Alive, Dead, and Bloody Furious.
Last edited by Bundyo; 2014-09-25 at 19:54.
 |
|
2014-09-25
, 20:05
|
|
Posts: 2,355 |
Thanked: 5,249 times |
Joined on Jan 2009
@ Barcelona
|
#24
|
Originally Posted by vincr
Since no Maemo originally shipped bash, you can be certainly sure no script is using it (unless you replaced /bin/sh with bash but I know for sure that didn't work on Fremantle). So it's also not exploitable.
Wrong subforum, but what about Maemo and Meego? These OS'es are infected too with this bug isn't it?
| The Following 2 Users Say Thank You to javispedro For This Useful Post: | ||
|
|
2014-09-25
, 21:03
|
|
Posts: 2,076 |
Thanked: 3,268 times |
Joined on Feb 2011
|
#25
|
developing: http://seclists.org/oss-sec/2014/q3/712
|
|
2014-09-25
, 21:59
|
|
Posts: 136 |
Thanked: 68 times |
Joined on Nov 2013
@ Streets of Avalon | Zwolle, the Netherlands
|
#26
|
Originally Posted by javispedro
I have bash on my N9 and it's vulnerable.. hope to see some patched bash in openrepos. Just to be sure it's safe.
Since no Maemo originally shipped bash, you can be certainly sure no script is using it (unless you replaced /bin/sh with bash but I know for sure that didn't work on Fremantle). So it's also not exploitable.
|
|
2014-09-26
, 07:20
|
|
Posts: 20 |
Thanked: 13 times |
Joined on Jan 2010
@ Finland
|
#27
|
If someone is curious how shellshock could be used to attack a Sailfish device, this illustrates one attack vector: https://pbs.twimg.com/media/ByZZUzmIIAAuFaR.jpg:large
That is, a malicious DHCP server could attack by sending code in the options field. I haven't verified this with my Jolla, but in theory this could be bad. Think of public WIFI access points...
That is, a malicious DHCP server could attack by sending code in the options field. I haven't verified this with my Jolla, but in theory this could be bad. Think of public WIFI access points...
|
|
2014-09-26
, 08:17
|
|
Posts: 334 |
Thanked: 616 times |
Joined on Sep 2010
|
#28
|
Originally Posted by vincr
For time being you can 'apt-get remove' bash. Of course depending on what software you run; on my N9 Schturman's N9 QTweak was only application using it. N9 QTweak reinstalls bash during the application launch, though.
I have bash on my N9 and it's vulnerable.. hope to see some patched bash in openrepos. Just to be sure it's safe.
|
|
2014-09-26
, 08:25
|
|
Guest |
Posts: n/a |
Thanked: 0 times |
Joined on
|
#29
|
Originally Posted by LadyBug
Nice one!
If someone is curious how shellshock could be used to attack a Sailfish device, this illustrates one attack vector: https://pbs.twimg.com/media/ByZZUzmIIAAuFaR.jpg:large
That is, a malicious DHCP server could attack by sending code in the options field. I haven't verified this with my Jolla, but in theory this could be bad. Think of public WIFI access points...
Feel free to test that with my bash
http://talk.maemo.org/showpost.php?p...6&postcount=17
| The Following User Says Thank You to For This Useful Post: | ||
|
|
2014-09-26
, 09:26
|
|
Posts: 2,355 |
Thanked: 5,249 times |
Joined on Jan 2009
@ Barcelona
|
#30
|
Originally Posted by LadyBug
Jolla doesn't use dhclient; it uses connman's builtin gdhcp client.
If someone is curious how shellshock could be used to attack a Sailfish device, this illustrates one attack vector: https://pbs.twimg.com/media/ByZZUzmIIAAuFaR.jpg:large
That is, a malicious DHCP server could attack by sending code in the options field. I haven't verified this with my Jolla, but in theory this could be bad. Think of public WIFI access points...
EDIT: Again, during "security crazes" please remember to keep your brain turned on. There's a shitton of people (e.g. stackoverflow) who is right now posting "instructions to solve the bash bug" which include absurd things such as replacing your distro's bash with some random online version. Without proper care, that's even more stupid than plainly doing nothing.
This doesn't necessarily apply to nieldk's packages, which I think one can trust (hehe ;P), but please remember to be generally cautious about this.
Last edited by javispedro; 2014-09-26 at 09:31.
Probably more worrying for n900 is the apt-get vulnerability (do you apt-get upgrade vulnerable apt-get to get safe apt-get???), didn't see a thread about it:
https://lists.debian.org/debian-secu.../msg00212.html
https://lists.debian.org/debian-secu.../msg00216.html
https://lists.debian.org/debian-secu.../msg00219.html
Last edited by szopin; 2014-09-25 at 20:10.