[nsp-sec] srv5.su and some other interesting shellshocky stuff.
Smith, Donald
Donald.Smith at CenturyLink.com
Thu Apr 9 18:42:44 EDT 2015
Oh this was also reported to the sans handlers via email today so your not alone:)
At least the large increase in shell shock.
1/2 way between yellow and green gee thanks ;)
Juniper released some patches for shellshock for some products this week maybe someone wants to own routers?
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673&actp=RSS
Not sure that binary would run on a juniper:)
(coffee != sleep) & (!coffee == sleep)
Donald.Smith at centurylink.com<mailto:Donald.Smith at centurylink.com>
________________________________
From: Scott A. McIntyre [scott at howyagoin.net]
Sent: Thursday, April 09, 2015 4:32 PM
To: Smith, Donald
Cc: nsp-security at puck.nether.net
Subject: Re: [nsp-sec] srv5.su and some other interesting shellshocky stuff.
Hi Donald,
On 10 Apr 2015, at 8:30, Smith, Donald wrote:
> TLP?
Meh, "whatever" - it's being quite chatty and I caught it in one of my
random nets looking for such things, so others are able to see it too.
How about Chartreuse?
;-)
>
> And I have taken that root kit apart a few times but downloaded your
> urls so I can see what changed.
>
Cheers, happy hunting.
It's not come through here before, so maybe it's just our turn in the
barrel.
Scott
This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments.
More information about the nsp-security
mailing list