Heartbleed Extension Vulnerability caused lots of worries for Internet system. The affects still do not go away and now Shellshock coming.  This latest vulnerability affects the command line software Bash operating at Linux , Unix and Mac OS X.

Vendors have been posting the patches and suggestions on their websites already. Here is some quick collections for my environment.

1. Checkpoint’s Responding:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673

2. Cisco’s Responding: 

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash

3. Juniper’s Responding:

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648&actp=RSS

4. Vmware:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2090740

Note: How it happened? (from Symantec)

An attacker can potentially use CGI to send a malformed environment variable to a vulnerable Web server. Because the server uses Bash to interpret the variable, it will also run any malicious command tacked-on to it.

By Jon

Leave a Reply

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. Please support us by disabling these ads blocker.

%d