Recently published Bash/Apache problem

Question

whether the recently published Bash/Apache problem posed a threat to operations.

In my Ubundu verion is Ubuntu 10.04.3 LTS if i need anything applying patches.

Regards, Ashok

score 0 · Answer 1 · edited Apr 13 '17 at 12:37

Short answer is very likely yes. Long answer; see this question for an explanation of one attack vector for the vulnerability: https://unix.stackexchange.com/questions/157477/how-can-shellshock-be-exploited-over-ssh

Unless you have a defense in depth with multiple layers of security protecting access to the shell system (e.g. require a VPN connection before you SSH) you are likely vulnerable.

Tim

Recently published Bash/Apache problem

1 Answers1