Immer mehr Lücken in Bash

Posted on Leave a commentPosted in Hacker News

Die ersten Fehlerkorrekturen für die Shellshock-Lücke in Bash waren unvollständig. Inzwischen ist von fünf verschiedenen Sicherheitslücken die Rede. Kurz nachdem die Bash-Sicherheitslücke, die inzwischen als Shellshock bekannt ist, veröffentlicht wurde war bereits klar, dass das erste Sicherheitsupdate nicht ausreichen würde. Nach der ersten Aufregung fanden mehrere Personen weitere Probleme im Funktionsparser von Bash. Der Google-Entwickler […]

Hackers Using ‘Shellshock’ Bash Vulnerability to Launch Botnet Attacks

Posted on Leave a commentPosted in Hacker News

Researchers on Thursday discovered a critical remotely exploitable vulnerability in the widely used command-line shell GNU Bourne Again Shell (Bash), dubbed “Shellshock” which affects most of the Linux distributions and servers worldwide, and may already have been exploited in the wild to take over Web servers as part of abotnet that is currently trying to […]

Bash bug fallout: Shell Shocked yet? You will be … when this becomes a worm

Posted on Leave a commentPosted in Hacker News

Much of the impact of the Shell Shocked vulnerability is unknown and will surface in the coming months as researchers, admins and attackers (natch) find new avenues of exploitation. The vulnerability, coined Shell Shocked by researcher Robert Graham, existed in the Bash command interpreter up to version 4.3 and affected scores of servers, home computers […]

Hacking any eBay Account in Just 1 Minute

Posted on Leave a commentPosted in Hacker News

Four month ago, a massive data breach on the eBay website affected 145 million registered users worldwide after its database was compromised. Meanwhile, another critical vulnerability on the eBay website was reported, allowing an attacker to hijack millions of user accounts in bulk. An Egyptian security researcher ‘Yasser H. Ali’ informed The Hacker News about […]