JavaScript must be enabled in order for you to see "WP Copy Data Protect" effect. However, it seems JavaScript is either disabled or not supported by your browser. To see full result of "WP Copy Data Protector", enable JavaScript by changing your browser options, then try again.

Category Archives: Bash Shellshock

在CentOS與Mac OSX下修復Bash Shellshock的Vulnerability


最近Bash的Vulnerability人家挖出來了,比前陣子的OpenSSL Heartbeat的洞(CVE-2014-0160)還要,就連RHEL 7.0 GA的版本都躲不過,所以只要是Unix-Like的系統幾乎都中,如RHEL、SLES、Ubuntu、Debian或Mac OSX等等,不過主要影響是在Apache搭配CGI的服務可以被有心人士導入環境變數進去,進而取得系統的控制權;至於這個漏洞是由法國人Stephane Schazelas所發現的,在NIST也可以找到該漏洞的說明(CVE-2014-7169);除此之外,在TrustedSec網站也提到如果DHCP Server透過這個漏洞將變數放到環境變數中,恰巧DHCP Client的Process是用Root跑的話,也可以拿到Root的控制權(CVE-2014-6271);總而言之,還是趕快把這個洞補起來吧,怎麼勒?很簡單,如下: Read more »

This site is protected by WP-CopyRightPro