This document was taken from a search engine cache. Address of the original document: http://theory.sinp.msu.ru/pipermail/ru-ngi/2014q4/001420.html
Last modified: Tue Oct 7 18:50:26 2014. Indexed: Sun Apr 10 18:03:15 2016.
Good afternoon!
St. Petersburg has a security problem (see below). Please
fix it as soon as possible.
-- A.K.
-------- Original Message --------
Subject: [Noc-managers] [UPDATE] EGI CSIRT 'CRITICAL' Risk -
'shellshock' vulnerability - arbitrary code execution via crafted
environment variables
Date: Thu, 2 Oct 2014 15:11:14 +0200
From: Tobias Dussa (SCC) <tobias.dussa at kit.edu>
To: NGI Security Contacts <ngi-security-contacts at mailman.egi.eu>,
NGI Operations Centre Managers <noc-managers at mailman.egi.eu>
CC: operations at egi.eu
Dear NOC managers, dear NGI security contacts,
a vulnerability has been found in the bash shell which is part of almost all
Linux distributions. This vulnerability has been assessed as CRITICAL by
EGI's SVG and EGI-CSIRT.
For distributions used within EGI, updated packages fixing this problem
became available on 2014-09-26, and on 2014-09-26 a preliminary advisory
was issued with a follow-up advisory on 2014-09-29 asking sites to carry
out appropriate action by 2014-10-03T21:00+01.
This deadline will expire at 2014-10-03T21:00+01.
According to Pakiti, the following sites are still running vulnerable
versions of bash at the moment:
....
* Russia: RU-SPbSU
....
Please note that the Pakiti monitoring represents only a snapshot in time.
Sites may have patched already since the last monitoring run (which should
be no older than 24 hours). Furthermore, custom patches are NOT detectable
by Pakiti and also lead to false positives.
If these are not addressed, the plan is to move to site suspension giving a
two working day warning to allow sites another chance to rectify the
problem.
Regards,
Tobias Dussa,
EGI-CSIRT Security Officer on Duty.
--
And the Grim Reaper put down his scythe and mounted his combine harvester,
for it was war.
----
Karlsruhe Institute of Technology (KIT)
Steinbuch Centre for Computing (SCC)
KIT-CERT
Tobias Dussa
CERT Manager, CA Manager
Zirkel 2
Building 20.21
76131 Karlsruhe, Germany
Phone: +49 721 608-42479
Fax: +49 721 608-9-42479
Email: tobias.dussa at kit.edu
Web: http://www.kit.edu/
KIT – University of the State of Baden-Wuerttemberg and
National Laboratory of the Helmholtz Association
--
A.Kryukov, PhD
Head of laboratory, SINP MSU
Phone: +7 495 939-3156