Differences

This page shows the differences between the two versions.

cve:cve-2014-6271 [2014/10/01 15:39] jal → cve:cve-2014-6271 [2014/10/16 09:43] (current version) jal
行 5: 行 5:
   * CVE-2014-7186   * CVE-2014-7186
   * CVE-2014-7187   * CVE-2014-7187
 +
 +===== Further Reading =====
 +  * [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271]]
 +  * [[http://timhsu.chroot.org/2014/10/bash-shellshock.html|提姆大師 - BASH ShellShock 漏洞分析(非常詳細的一篇!)]]
 +  * [[http://devco.re/blog/2014/09/30/shellshock-CVE-2014-6271/|DevCore - Shellshock (Bash CVE-2014-6271) 威脅仍在擴大中,但無需過度恐慌]]
 +  * [[http://tdohacker.org/posts/234933-cve-2014-6271-vulnerability-more-serious-than-heartbleed|TDOHacker - 比HeartBleed Bug 更嚴重的漏洞]]
 +  * [[http://blog.longwin.com.tw/2014/09/cve-2014-6271-bash-remote-code-execution-2014/|Tsung-Hao Lee - CVE-2014-6271 - Bash 遠端執行的安全漏洞]]
 +  * [[http://seclists.org/oss-sec/2014/q3/650]]
  
 ===== About Networking Vendors ===== ===== About Networking Vendors =====
-^ Vendor      ^ Affected       ^ Announcement          ^ Announce Date ^ +  * 查表前有幾個前提 Assumptions consistent before reading 
-| A10  | Yes |[[https://www.a10networks.com/support-axseries/A10-Shellshock_Bash_CVE-2014-6271.pdf|External link at A10 (login required)]]  | 2014-09-27 | +    * 有些 Vendor 雖然有使用到出問題的 Bash,但是由於沒有觸發環境,故其並未受到影響 
-| Arbor Networks | No | [[https://arbor.custhelp.com/app/answers/detail/a_id/2528|Internal Field Notification Only (login required)]] | 2014-09-27 | +      * Some of product have using bash, but there were not trigger condition. 
-| Aruba Networks | Yes | [[http://www.arubanetworks.com/support/alerts/aid-09252014.txt|External Document at Aruba Alert]] | 2014-09-25 | +    * 部分 Vendor 產品非常的多,故只要有任一產品受影響即掛為 Yes 
-| BlueCoat | Yes | [[https://kb.bluecoat.com/index?page=content&id=SA82|External link at BlueCoat KB]]  | 2014-09-25 | +      * Some of vendor may had many product lines, any one of their product to be vulnerable, it will mark "Yes" in "Vulnerable" field. 
-| Brocade | Yes | [[http://www.brocade.com/downloads/documents/technical_support_bulletins/brocade-assessment-bashabug-vulnerability.pdf|External link at Brocade]] | 2014-09-29 | +    * 因為我只列網路相關產品,其管理介面並不同於使用者端,故我預設所有機器皆為固定 IP, DHCP 問題暫不予考慮 
-| CheckPoint | Yes | [[https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673|External link at CheckPoint]] | 2014-09-25 | +      * According to networking product lines characteristic, the management interface property different with end user environment, I suppose that all unit using static address, there are no DHCP at all. 
-| Cisco | Yes | [[http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash|External link at Cisco]] | 2014-09-26 | + 
-| Dlink | Being Confirmed…  | | | +^ Vendor      ^ Vulnerable     ^ Using Affected Bash ^ Announcement       ^ Announce Date ^ 
-| Enterasys (Part of Extreme) | Being Confirmed… | | | +| A10  | No | Yes |[[https://www.a10networks.com/support-axseries/A10-Shellshock_Bash_CVE-2014-6271.pdf|A10 Support(login required)]] | 2014-09-27 | 
-| Extreme Networks | Yes | [[http://learn.extremenetworks.com/rs/extreme/images/VN-2014-001-%20GNU%20Bash%20Threats%20-CVE-2014-7169%20rev01.pdf/|External link at Extreme]] | 2014-09-25 | +| Arbor Networks | No | Yes | [[https://arbor.custhelp.com/app/answers/detail/a_id/2528|Internal Field(login required)]] | 2014-09-27 
-| F5 | Yes | [[http://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html|External link at F5]] | 2014-09-25 | +| Arista Networks | Yes | Yes | [[http://www.arista.com/en/support/security-advisories/1008-security-advisory-0006|Security Advisory]] | 2014-09-29 
-| FireEye | Yes | [[http://www.fireeye.com/support/support-notices.html|External link at FireEye]] | 2014-09-25 | +| Aruba Networks | No | Yes | [[http://www.arubanetworks.com/support/alerts/aid-09252014.txt|Aruba Alert]] | 2014-09-25 
-| Fortinet | Yes | [[http://www.fortiguard.com/advisory/FG-IR-14-030/|External link at FortiGuard]] | 2014-09-25 | +| Avaya | Yes | Yes | [[https://support.avaya.com/helpcenter/getGenericDetails?detailId=C2014926131554370002|Avaya Security Advisories]] | 2014-10-01
-| iMPERVA | No | [[http://www.imperva.com/services/adc_advisories_response_shellshock_CVE_2014_6271| External link at iMPERVA]] | 2014-09-25 | +| BlueCoat  | Yes | Yes | [[https://kb.bluecoat.com/index?page=content&id=SA82|BlueCoat KB]] | 2014-09-25 | 
-| Juniper | Yes | [[http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648&actp=RSS|External link at Juniper KB]]  | 2014-09-25 | +| Brocade | Yes | Yes | [[http://www.brocade.com/downloads/documents/technical_support_bulletins/brocade-assessment-bashabug-vulnerability.pdf|Brocade]] | 2014-09-29 
-| McAfee | Yes | [[https://kc.mcafee.com/corporate/index?page=content&id=SB10085|External link at McAfee]] | 2014-09-29 |  +| Cellopoint | No | Yes | [[http://www.cellopoint.com/tw/media_resources/news/20140930|Cellopoint News]] | 2014-09-30 
-| NetAxle | Being Confirmed… | [[http://www.netaxle.com.tw/|External link at NetAxle]] | -- | +| CheckPoint | No | Yes | [[https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk102673|CheckPoint]] | 2014-09-25 | 
-Palo Alto | Yes | [[https://securityadvisories.paloaltonetworks.com/|External link at Palo Alto]] | 2014-09-24 +| Cisco | Yes | Yes | [[http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash|Cisco]] | 2014-09-26 | 
-| Ruckus Wireless | Being Confirmed… | [[http://www.ruckuswireless.com/security| External link at Ruckus Security]] | -- | +| Dlink | Being Confirmed…  || | | 
-| Sophers | No | [[http://www.sophos.com/en-us/support/knowledgebase/121444.aspx|External link at Sophers]] | 2014-09-29 | +| Enterasys (Part of Extreme) | Yes Yes [[http://learn.extremenetworks.com/rs/extreme/images/VN-2014-001-%20GNU%20Bash%20Threats%20-CVE-2014-7169%20rev01.pdf/|Extreme eSupport]] | 2014-09-25 
-| Sourcefire (Part of Cisco) | | Check Cisco | | +| Extreme Networks | No | No | [[http://learn.extremenetworks.com/rs/extreme/images/VN-2014-001-%20GNU%20Bash%20Threats%20-CVE-2014-7169%20rev01.pdf/|Extreme eSupport]] | 2014-09-25 | 
-| Splunk | Yes | [[http://www.splunk.com/view/SP-CAAANJN| External link at Splunk Answers ]]  | 2014-09-29 | +| F5 | Yes | Yes | [[http://support.f5.com/kb/en-us/solutions/public/15000/600/sol15629.html|F5]] | 2014-09-25 | 
-| TippingPoint | Being Confirmed… [[https://tmc.tippingpoint.com/TMC/library/announcements/|TMC]] | -- | +| FireEye | Yes | Yes | [[http://www.fireeye.com/support/support-notices.html|FireEye]] | 2014-09-25 | 
-| VMware | Yes | [[http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2090740|External link at VMware KB]] | 2014-09-26 | +| Fortinet | Yes | Yes | [[http://www.fortiguard.com/advisory/FG-IR-14-030/|FortiGuard]] | 2014-09-25 | 
-| Websense | No | [[http://www.websense.com/support/article/kbarticle/BASH-Shellshock-CVE-2014-6271|External link at Websense ]] | 2014-09-25 |+| iMPERVA | No | Yes | [[http://www.imperva.com/services/adc_advisories_response_shellshock_CVE_2014_6271| iMPERVA]] | 2014-09-25 | 
 +| Juniper | Yes | Yes | [[http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10648&actp=RSS|Juniper KB]]  | 2014-09-25 | 
 +| McAfee | Yes | Yes | [[https://kc.mcafee.com/corporate/index?page=content&id=SB10085|McAfee]] | 2014-09-29 |  
 +| NetAxle | No | Yes | Response from vendor | -- | 
 +| Palo Alto | No | Yes | [[https://securityadvisories.paloaltonetworks.com/|Palo Alto]] | 2014-09-24 
 +Radware | Yes | Yes | [[http://security.radware.com/SiteCode/Templates/template_1_1_2%282x1%29_1.aspx?pageid=105&id=620|Emergency Response]] | 2014-09-26 
 +| Ruckus Wireless | Yes | Yes | [[http://www.ruckuswireless.com/security|Ruckus Security]] | 2014-09-29 | 
 +| Silver Peak | No | Yes | Internal Document | 2014-09-24 
 +| Sophers | No | Yes | [[http://www.sophos.com/en-us/support/knowledgebase/121444.aspx|Sophers]] | 2014-09-29 | 
 +| Sourcefire (Part of Cisco) | | Check Cisco | | 
 +| Splunk | Yes | Yes | [[http://www.splunk.com/view/SP-CAAANJN| Splunk Answers ]]  | 2014-09-29 | 
 +| TippingPoint | Yes(Only NGFW) Yes Internal Document 2014-09-30 
 +| VMware | Yes | Yes | [[http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2090740|VMware KB]] | 2014-09-26 | 
 +| Websense | No | Yes | [[http://www.websense.com/support/article/kbarticle/BASH-Shellshock-CVE-2014-6271|Websense ]] | 2014-09-25 |
  
 ===== Best Practices ===== ===== Best Practices =====
-  *+  * To be continued... 
  
-===== Further Reading ===== 
-  * [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271]] 
-  * [[http://devco.re/blog/2014/09/30/shellshock-CVE-2014-6271/|Shellshock (Bash CVE-2014-6271) 威脅仍在擴大中,但無需過度恐慌]] 
-  * [[http://tdohacker.org/posts/234933-cve-2014-6271-vulnerability-more-serious-than-heartbleed|比HeartBleed Bug 更嚴重的漏洞]] 
-  * [[http://blog.longwin.com.tw/2014/09/cve-2014-6271-bash-remote-code-execution-2014/|CVE-2014-6271 - Bash 遠端執行的安全漏洞]] 
-  * [[http://seclists.org/oss-sec/2014/q3/650]] 
  
  
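Review bot: In the new five-column vendor table, several added rows as shown will not parse into the columns the header declares. The Enterasys row reads `Yes Yes [[...` and the TippingPoint row reads `Yes(Only NGFW) Yes Internal Document 2014-09-30` with no `|` between the values, the Radware row has no leading `|`, the Sourcefire row still has only four cells, and a number of rows (Arbor, Arista, Aruba, Avaya, Brocade, Cellopoint, Palo Alto, Silver Peak) lack the closing `|`. Suggest giving every row five `|`-delimited cells. Two content points in the same table: A10, Aruba, CheckPoint and Palo Alto move from Affected "Yes" to Vulnerable "No" with Using Affected Bash "Yes", and the table does not say whether each "No" comes from the vendor advisory or from the assumptions listed above it (no trigger condition, static addressing with DHCP not considered), so a per-row note on which one applies would let readers judge the rating for their own deployment. Also, Enterasys (Yes/Yes) and Extreme Networks (No/No) link to the same Extreme advisory PDF with opposite values, and the NetAxle, Silver Peak and TippingPoint rows cite only "Response from vendor" or "Internal Document"; a public reference or a short quoted statement would make those rows verifiable.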
cve/cve-2014-6271.1412177998.txt.gz · Last modified: 2014/10/01 15:39 by jal