Showing headlines posted by ryanlerch

What does SELinux do to contain the the bash exploit?

  • Dan Walsh's Blog; By Dan Walsh (Posted by ryanlerch on Sep 26, 2014 10:40 PM EDT)
  • Groups: Linux
Do you have SELinux enabled on your Web Server? Lots of people are asking me about SELinux and the Bash Exploit. I did a quick analysis on one reported remote Apache exploit: http://www.reddit.com/r/netsec/comments/2hbxtc/cve20146271_r...

Shows an example of the bash exploit on an apache server. It even shows that SELinux was enforcing when the exploit happened.

Flaw CVE-2014-6271 discovered in the Bash shell — update your Fedora systems

  • fedoramagazine.org; By Ryan Lerch (Posted by ryanlerch on Sep 25, 2014 5:41 AM EDT)
  • Groups: Fedora, GNU
The Red Hat security blog just posted a detailed article on the recently discovered flaw CVE-2014-6271 in bash. Be sure to check out the article if you want to learn a little bit more about the issue.