Bourne Again Shell (Bash) Remote Code Execution Vulnerability

Original release date: September 24, 2014

US-CERT is aware of a Bash vulnerability affecting Unix-based operating systems such as Linux and Mac OS X. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code on an affected system.
US-CERT recommends users and administrators review the Redhat Security Blog for additional details and to refer to their respective Linux or Unix-based OS vendor(s) for an appropriate patch. A GNU Bash patch is also available for experienced users and administrators to implement.

Operating systems with updates include:

This product is provided subject to this Notification and this Privacy & Use policy.

Bug in Bash shell creates big security hole on anything with *nix in it

Whoops. Mac OS X's Bash shell is vulnerable to remote execution attacks.
Sean Gallagher

A security vulnerability in the GNU Bourne Again Shell (Bash), the command-line shell used in many Linux and Unix operating systems, could leave systems running those operating systems open to exploitation by specially crafted attacks. “This issue is especially dangerous as there are many possible ways Bash can be called by an application,” a Red Hat security advisory warned.

The bug, discovered by Stephane Schazelas, is related to how Bash processes environmental variables passed by the operating system or by a program calling a Bash-based script. If Bash has been configured as the default system shell, it can be used by network–based attackers against servers and other Unix and Linux devices via Web requests, secure shell, telnet sessions, or other programs that use Bash to execute scripts.

Because of its wide distribution, the vulnerability could be as wide-ranging as the Heartbleed bug, though it may not be nearly as dangerous. The vulnerability affects versions 1.14 through 4.3 of GNU Bash. Patches have been issued by many of the major Linux distribution vendors for affected versions, including:

Read 7 remaining paragraphs | Comments

Mozilla Network Security Services (NSS) Library Vulnerability

Original release date: September 24, 2014

A vulnerability in the Mozilla NSS library could allow an attacker to forge an RSA signature, such as an SSL certificate. The package is often included in 3rd party software, including Linux distributions, Google Chrome, and others. It is possible that other cryptographic libraries may be similarly affected.

US-CERT recommends users and administrators review Vulnerability Note VU#772676, Mozilla Foundation Security Advisory 2014-73, and Google Stable Channel Update Blog for additional information and mitigation details.

This product is provided subject to this Notification and this Privacy & Use policy.

drozer – The Leading Security Testing Framework For Android

drozer (formerly Mercury) is the leading security testing framework for Android. drozer allows you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps’ IPC endpoints and the underlying OS. drozer provides tools to help you use, share and understand public...

Read the full post at