Alert: Bash Code Injection Vulnerability

September 25, 2014 - 8:40pm - by admin

This is really serious: Red Hat Product Security has been made aware of a vulnerability affecting all versions of the Bash package shipped with Red Hat Enterprise Linux. Since many of Red Hat's products run on a base installation of Red Hat Enteprise Linux, there is a risk of other products being impacted by this vulnerability as well.

The same issue found in Debian 6 & 7...

In order to test if your version of Bash is vulnerable to this issue, run the following command:

$ env x='() { :;}; echo vulnerable'  bash -c "echo this is a test"

If the output of the above command looks as follows:

vulnerable<br />
this is a test

you are using a vulnerable version of Bash. The patch used to fix this issue ensures that no code is allowed after the end of a Bash function. Thus, if you run the above example with the patched version of Bash, you should get an output similar to:

$ env x='() { :;}; echo vulnerable'  bash -c "echo this is a test"<br />
bash: warning: x: ignoring function definition attempt<br />
bash: error importing function definition for `x'<br />
this is a test

---

Samba start / restart error: smbd_open_once_socket: open_socket_in: Addr

November 19, 2012 - 7:23pm - by admin

Once I have got this problem with samba in Oracle Linux 6 (the same I could reproduce in RedHat 6 as well):

On start or restart of smb service var/log/samba/log.smbd reports:

smbd/server.c:501(smbd_open_one_socket) smbd_open_once_socket: open_socket_in: Address already in use

The solution was:

sysctl net.ipv6.bindv6only=1

as it looks like the problem happens on systems which IPv6 support where :: also listens for IPv4 connections. So the bind to 0.0.0.0 fails.

---