Springen naar inhoud


Foto

STB vulnerable?

Begonnen door: Rob van der Does, 27 sep 2014 06:09

  • Please log in to reply
Er zijn 7 reacties in dit onderwerp

#1 Rob van der Does

  • Senior Member
  • 7766 berichten

+184
Excellent

Geplaatst op 27 september 2014 - 06:09

Are STB's liable to this vulnerability: http://www.bloomberg...nux-to-mac.html ?


Re: STB vulnerable? #2 littlesat

  • PLi® Core member
  • 56288 berichten

+691
Excellent

Geplaatst op 27 september 2014 - 07:00

Do we use bash?

WaveFrontier 28.2E | 23.5E | 19.2E | 16E | 13E | 10/9E | 7E | 5E | 1W | 4/5W | 15W

Re: STB vulnerable? #3 Pale-Rider

  • Senior Member
  • 126 berichten

+6
Neutral

Geplaatst op 27 september 2014 - 07:08

for a little more info you can also have a read of this thread.

 

http://www.legitfta.com/forum/showthread.php?21383-Bash-test

Re: STB vulnerable? #4 betacentauri

  • PLi® Core member
  • 7185 berichten

+323
Excellent

Geplaatst op 27 september 2014 - 07:33

As far as I know images use busybox instead of bash. So they shouldn't be affected.
Xtrend ET-9200, ET-8000, ET-10000, OpenPliPC on Ubuntu 12.04

Re: STB vulnerable? #5 Pale-Rider

  • Senior Member
  • 126 berichten

+6
Neutral

Geplaatst op 27 september 2014 - 07:41

well according to the post I quoted above the ATV image is coming back as vulnerable to this. tested with the method outlined in the PC world article here.

 

http://www.pcworld.com/article/2687763/safe-from-shellshock-how-to-protect-your-home-computer-from-the-bash-shell-bug.html

Re: STB vulnerable? #6 MiLo

  • PLi® Core member
  • 14045 berichten

+298
Excellent

Geplaatst op 27 september 2014 - 08:28

The standard OpenPLi box is NOT vulnerable because it does not run bash. If you have manually installed "bash", then the box may become vulnerable. However, you'll also need something to expose the shell to the outside, which is something that the webinterface does not do.


Real musicians never die - they just decompose

Re: STB vulnerable? #7 Erik Slagter

  • PLi® Core member
  • 46960 berichten

+541
Excellent

Geplaatst op 27 september 2014 - 08:29

All "known" images use the built-in shell from busybox, not bash.

 

But besides that, you'd only be vulnerable if you'd expose a shell to a hostile environment (like internet), which mostly is a stupid thing to do anyway. I don't get the commotion actually.


* Wavefrontier T90 with 28E/23E/19E/13E via SCR switches 2 x 2 x 6 user bands
I don't read PM -> if you have something to ask or to report, do it in the forum so others can benefit. I don't take freelance jobs.
Ik lees geen PM -> als je iets te vragen of te melden hebt, doe het op het forum, zodat anderen er ook wat aan hebben.

Re: STB vulnerable? #8 Erik Slagter

  • PLi® Core member
  • 46960 berichten

+541
Excellent

Geplaatst op 27 september 2014 - 08:30

Wow that's spooky, the same content at the same time!


Veranderd door Erik Slagter, 27 september 2014 - 08:30

* Wavefrontier T90 with 28E/23E/19E/13E via SCR switches 2 x 2 x 6 user bands
I don't read PM -> if you have something to ask or to report, do it in the forum so others can benefit. I don't take freelance jobs.
Ik lees geen PM -> als je iets te vragen of te melden hebt, doe het op het forum, zodat anderen er ook wat aan hebben.

Terugkeren naar [EN] Enduser support

1 gebruiker(s) lezen dit onderwerp

0 leden, 1 bezoekers, 0 anonieme gebruikers

  1. Forums
  2. PLi® Support
  3. [EN] Enduser support