0

Log Parsing Script for Shell Shock

The released script will take a given log directory, normally your website log directory, and search it for attempts to exploit the server using the recently released GNU Bourne Again Shell (bash) vulnerability also known as Shell Shock.  Once it… Continue Reading

0

Bash and Shell Shock Today, The Good, But Mostly Just Bad

A few days ago I posted about a nasty vulnerability pertaining to GNU Bourne Again Shell, otherwise known as bash,  The vulnerabilities still exist in unpatched systems and the scope of what could be affected is still expanding. The good… Continue Reading

0

Holey Bash Batman! No Really, It Has Holes (CVE-2014-6271)

UPDATED: 09/26/2014 – 01:14 EST – Added vulnerability validation code This exploit may have bigger holes than even the Bat Cave.  CVE-2014-6271 (Credit to Stephane Chazelas for discovery) was publicly announced yesterday, September, 24th and some articles are already calling this… Continue Reading