[Important] Security issue on Unix/Linux due to a Bash shell bug
By Nethru Limited (www.nethru.com)
A few months ago, there is a Heartbleed bug in OpenSSL which affects widely. Recently, people found a bug in Bash shell, which creates security issues to many Unix or Linux systems.
In simple wordings, this bug is related to how Bash handles and processes the environmental variables passed by the OS or by a program calling the Bash script. Since most of the Unix/Linux is configured using Bash as the default shell. It allows attackers to attack these systems via web requests, ssh shell, telnet sessions, or other programs using Bash to execute scripts.
The affected versions of Bash includes 1.14 through 4.3. Luckily, patches have been issued in most of the affected OS, including:
- Red Hat Enterprise Linux (version 4 to 7) and the Fedora distribution
- CentOS (version 5 to 7)
- Ubuntu 10.04 LTS, 12.04 LTS, and 14.04 LTS
- Debian
If you are unsure whether your system is vulnerable by the bug or not. Here is a simple script that can help you to find out. Open a command line terminal and type the following line.
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
For a vulnerable system, the output will be
vulnerable this is a test
For an unaffected system, the output will be
bash: warning: x: ignoring function definition attempt bash: error importing function definition for `x' this is a test
If you are unfortunately found that your system is vulnerable, try to update the version of the Bash shell immediately.
If you would like to know more about the Bash shell bug, you can find more references here.
http://www.engadget.com/2014/09/24/bash-shell-security-flaw/
http://arstechnica.com/security/2014/09/bug-in-bash-shell-creates-big-security-hole-on-anything-with-nix-in-it/
While planning a trip to another country, a large number of
visitors ignore or forget to book their airport transfers accommodation before
departure. Enterprise also informed us that they will pick up passengers after the cruise if they want to
rent a car to spend time visiting around Manhattan before their flight home.
Starting from shuttle cars to private cars, cabs
and minicabs, the airport transfer facility of
the city seek to make every passenger’s journey a memorable one.
Any person on earth with web-based access can be linked to the site.
Like everything in business is important,
getting a website is important too. There are lots of commercial templates available,
and frankly, they are beautiful, but I am going to give you some hints on where to find free web templates.
Kernel Adiutor Pro
I have noticed you don’t monetize your website, don’t
waste your traffic, you can earn extra bucks every month
because you’ve got high quality content. If you want to know how to make extra money, search for: best adsense
alternative Boorfe’s tips
I have noticed you don’t monetize your page, don’t waste your traffic, you can earn additional bucks every month because you’ve got hi quality content.
If you want to know how to make extra money, search for: Ercannou’s essential adsense alternative