Re: [PLUG] 'Shellshock' Bug Spells Trouble for Web Security

K.S. Bhaskar on 26 Sep 2014 10:27:05 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] 'Shellshock' Bug Spells Trouble for Web Security

From: "K.S. Bhaskar" <bhaskar@bhaskars.com>
To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
Subject: Re: [PLUG] 'Shellshock' Bug Spells Trouble for Web Security
Date: Fri, 26 Sep 2014 13:26:59 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:content-type; bh=IxBXS/aVmq1ykNssRUiJh54T7i7CsS6+xUnZrD3AyWc=; b=mnMRyDlRSwdYiOp/GizWY4hH/xH43QGdZVdZx+SbZ0+0hUYwhqIx+KFa0AxQ1ZZEZg hPcOnRGQ2Mz7pYZR/dpEuKMLi1tDETqvBFjIp9uOyvKolOo8tBeKlclPBHciOV/Ge3J6 +2IuXR9mlgX7/reFG0HgZ603M01DooWJxbuMZwSQ33veeOs5vY1yhda2hLuhnLOLD4KI HVEFyTEQI2gI7xBp0PvJH1K0PQ3FKmmfNZBGtiL1YOxEbs+mBPqLoh5pgt8Y1+6Lf2P0 /TTnkB6GR4hHVM4f4t3bXifV13Lv67txPpzV2IcY1+7MtZLwsr9JZfKxHsEq1LUw19rp 001A==
Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
Sender: "plug" <plug-bounces@lists.phillylinux.org>

http://blog.malwaremustdie.org/ discusses some exploits, but the details are beyond my cursory reading skills.

Regards

-- Bhaskar

On Fri, Sep 26, 2014 at 1:19 PM, Matt Mossholder <matt@mossholder.com> wrote:

On Fri, Sep 26, 2014 at 1:00 PM, Keith C. Perry <kperry@daotechnologies.com> wrote:
Fred,

What are you envisioning as the attack vector from the client point of view? Is the concern that an infected DHCP server could craft a IP OFFER or ACK packet back to your client with an exploit?

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Keith C. Perry, MS E.E.
Owner, DAO Technologies LLC
(O) +1.215.525.4165 x2033
(M) +1.215.432.5167
www.daotechnologies.com

Keith,
That is exactly what can happen. Come DHCP clients hand off information from the DHCP server to scripts for processing. In these cases, you could get whacked by a bad DHCP server.

--Matt

___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug

References:
- [PLUG] 'Shellshock' Bug Spells Trouble for Web Security
  - From: Chris Grabowy <cgrabowy@gmail.com>
- Re: [PLUG] 'Shellshock' Bug Spells Trouble for Web Security
  - From: Fred Stluka <fred@bristle.com>
- Re: [PLUG] 'Shellshock' Bug Spells Trouble for Web Security
  - From: Rich Freeman <r-plug@thefreemanclan.net>
- Re: [PLUG] 'Shellshock' Bug Spells Trouble for Web Security
  - From: Fred Stluka <fred@bristle.com>
- Re: [PLUG] 'Shellshock' Bug Spells Trouble for Web Security
  - From: Rich Freeman <r-plug@thefreemanclan.net>
- Re: [PLUG] 'Shellshock' Bug Spells Trouble for Web Security
  - From: Matt Mossholder <matt@mossholder.com>
- Re: [PLUG] 'Shellshock' Bug Spells Trouble for Web Security
  - From: Rich Freeman <r-plug@thefreemanclan.net>
- Re: [PLUG] 'Shellshock' Bug Spells Trouble for Web Security
  - From: Fred Stluka <fred@bristle.com>
- Re: [PLUG] 'Shellshock' Bug Spells Trouble for Web Security
  - From: "Keith C. Perry" <kperry@daotechnologies.com>
- Re: [PLUG] 'Shellshock' Bug Spells Trouble for Web Security
  - From: Matt Mossholder <matt@mossholder.com>

Prev by Date: Re: [PLUG] 'Shellshock' Bug Spells Trouble for Web Security
Next by Date: Re: [PLUG] 'Shellshock' Bug Spells Trouble for Web Security
Previous by thread: Re: [PLUG] 'Shellshock' Bug Spells Trouble for Web Security
Next by thread: Re: [PLUG] 'Shellshock' Bug Spells Trouble for Web Security
Index(es):
- Date
- Thread