Discover Habbo's history
Treat yourself with a Secret Santa gift.... of a random Wiki page for you to start exploring Habbo's history!
Happy holidays!
Celebrate with us at Habbox on the hotel, on our Forum and right here!
Join Habbox!
One of us! One of us! Click here to see the roles you could take as part of the Habbox community!


Results 1 to 3 of 3
  1. 25-09-2014, 07:04 PM #1
    -Nick
    -Nick is offline Senior Member
    Join Date
    Mar 2010
    Location
    Cornwall (UK)
    Posts
    2,329
    Tokens
    6,755
    Habbo
    -Nick

    Latest Awards:

    15 Year Milestone 1000 Posts Happy 13th birthday, HabboxForum!
    Total Awards: 28

    Default Shellshock: 'Deadly serious' new vulnerability found

    A "deadly serious" bug potentially affecting hundreds of millions of computers, servers and devices has been discovered.The flaw has been found in a software component known as Bash, which is a part of many Linux systems as well as Apple's Mac operating system.
    The bug, dubbed Shellshock, can be used to remotely take control of almost any system using Bash, researchers said.
    Some experts said it was more serious than Heartbleed, discovered in April.
    "Whereas something like Heartbleed was all about sniffing what was going on, this was about giving you direct access to the system," Prof Alan Woodward, a security researcher from the University of Surrey, told the BBC.
    "The door's wide open."
    Some 500,000 machines worldwide were thought to have been vulnerable to Heartbleed. But early estimates, which experts said were conservative, suggest that Shellshock could hit at least 500 million machines.
    The problem is particularly serious given that many web servers are run using the Apache system, software which includes the Bash component.
    Patch immediatelyBash - which stands for Bourne-Again SHell - is a command prompt on many Unix computers. Unix is an operating system on which many others are built, such as Linux and Mac OS.
    The US Computer Emergency Readiness Team (US-Cert) issued a warning about the bug, urging system administrators to apply patches.
    However, other security researchers warned that the patches were "incomplete" and would not fully secure systems.
    Of particular concern to security experts is the simplicity of carrying out attacks that make use of the bug.

    Analysis - Mark Ward, technology correspondentsecurity image
    Shellshock rates a 10 on the scale of vulnerabilities. As bugs go, it's about as bad as it gets.
    Source: http://www.bbc.co.uk/news/technology-29361794


    Thought I would share!


    Quote Originally Posted by xxMATTGxx View Post
    Nick is harmless and he's not a bad person after you have spoken to him a few times.
    Last +REP from: Kardan

    Reply With Quote Reply With Quote
  2. 25-09-2014, 07:56 PM #2
    RyRy
    RyRy is offline Senior Member
    Join Date
    Apr 2011
    Posts
    1,957
    Tokens
    3,649
    Habbo
    Pyroka

    Latest Awards:

    14 Year Milestone 1000 Posts Habboxween Mazetacular 3rd Place
    Total Awards: 4

    Default

    Ha, I walked into my lecturers room today and they were both talking about this. Turns out somebody was trying to use the exploit on my University within hours of it coming public. They wouldn't have detected it if not for their IDS systems which were updated today. This is actively being used and is very worrying.

    It's got the potential to be worse than Heartbleed.
    Reply With Quote Reply With Quote
  3. 25-09-2014, 08:04 PM #3
    scottish's Avatar
    scottish
    scottish is offline Technical Management
    Join Date
    Jul 2004
    Location
    Scotland
    Posts
    17,702
    Tokens
    60,948
    Habbo
    Habbic

    Latest Awards:

    21 Year Milestone 15,000 Posts Habbox God
    Total Awards: 29

    Default

    Quote Originally Posted by RyRy View Post
    Ha, I walked into my lecturers room today and they were both talking about this. Turns out somebody was trying to use the exploit on my University within hours of it coming public. They wouldn't have detected it if not for their IDS systems which were updated today. This is actively being used and is very worrying.

    It's got the potential to be worse than Heartbleed.
    They way it was released as well, it was announced a few days ago/yesterday from what I seen, where as with heartbleed the companies etc got warned about it prior to it being announced via news etc globally.

    So they've had a day to update Although major companies should have it patched if affected by it almost instantly I'd hope.

    inb4 habbox db leaked.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules