Test your Bash Shell

how to test for vulnerable Bash shell: Execute the following: $ env x='() { :;}; echo vulnerable’ bash -c “echo this is a test” on the command line, if it comes back with this is a test then the system is vulnerable If the system returns: bash: warning: x: ignoring function definition attempt bash: error … Read more

Perl Scripting vulnerability – Data Dumper

Perl discussion at lsexperts.de  has a data Dumper vulnerability – review your Perl scripts to : Applications written in Perl should ensure that a sanity check on data serialized by Data::Dumper is performed.   WordPress vulnerabilities page which was recently set up. Andreas Kurtz found malicious iOS apps  after iOS 8 was released. The issue … Read more

Bash Shellcode is now at 6 CVE vulnerabilities

This Shellshock issue has now spawned 6 CVE’s  CVE = Common Vulnerabilities and Exposures   Threat level Yellow at Internet Storm Center This is a complex vulnerability first CVE got patched almost immediately  CVE-2014-6271 The second CVE now has a patch as of Friday).  CVE-2014-7169 The 3rd and 4th CVE  CVE-2014-7186, CVE-2014-7187   not patched … Read more

Bash shellcode reality

What started as an environment of function and usability on Unix systems has devolved in another security exploit mess. US -CERT has the report for both potential exploits now (one was patched)   all tools are there for hackers to exploit specific websites running Linux or Unix. That means  that there are many websites that … Read more

Some Restaurant software is unsafe for credit cards

Signature Systems Inc  based out of Newtown, PA sent out press release If you see your restaurant has PDQ software then you should likely reset your credit cards: Joanie’s – St. Louis, MO 6/19/2014 7:29 AM 8/1/2014 10:52 PM Joe’s Pizza – Greenville, IL 6/19/2014 8:05 AM 8/1/2014 11:59 PM Joe’s Pizza and Pasta – … Read more