“Criminals broke into servers Yahoo by abuse Bash-bug ‘




Attackers would have recently been able to break into servers of Yahoo. Using the recently discovered bug in Bash They were also given the same method potentially access to Lycos and WinZip, claiming a security researcher.

The researcher, Jonathan Hall, discovered that supposedly had received. Romanian attackers access to at least two servers Yahoo To do this they used a recently discovered vulnerability in the Bash shell, where it is possible to perform. Malicious code Presumably the attackers used the bug to create a botnet. Unix hosts

Hall was behind the attack came after a script on one of its servers looked for the presence of the Bash-bug. He used a self-written exploits and then see which servers are vulnerable to the bug appeared on Google. Hall discovered that way that Lycos and the site of the popular WinZip archive program were in place. At last he found in the cgi-bi-dir on one of the servers, a malicious Perl script, which he identified as ha.pl.

Hall warned the FBI and the affected companies last weekend. Meanwhile WinZip the servers patched, let the researcher know. In addition, even Yahoo’s vulnerability to closing his. That leaves an assistant to Hall know that the mail contact a screenshot put online as proof.

The vulnerability in Bash, also known as Shell Shock, came to light last month. It allowed attackers own code in a protected environment-variable stop, after which it was executed once the system initiates a Bash session. Many applications rely on shell scripts and some of them can be accessed, for example, CGI scripts on the internet.

Software developers crush the bug in the Bash shell, which is especially Linux users hit a few days later. That happened with two patches, after it appeared that the first incomplete. Even Apple, the Bash shell includes with OS X comes with a patch. Default user of OS X were not vulnerable, but only if they had been configured. According to Apple ‘advanced’ Unix services themselves


In: Technology & Gadgets Asked By: [15484 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »