SSL bleeding information was already a bad thing:
http://en.wikipedia.org/wiki/Heartbleed... but casual/trivial ways of taking partial control of a remote server is borderline of evil.
http://en.wikipedia.org/wiki/Shellshock_(software_bug)The first Shellshock probe came at
2014-09-24 23:18:09 UTC, within mere hours of the security issue announcement.
The first serious attack came at
2014-09-25 16:23:56 UTC. I suppose this is the time it took for Skynet to become self-aware
Luckily, since I'm living in Singapore and waking up earlier than most of the planet, I patched
bash (twice) on time before the attacks started:
Quote:
2014-09-24 17:32:56 UTC
bash:amd64 (4.2+dfsg-0.1, 4.2+dfsg-0.1+deb7u1)
2014-09-27 02:52:36 UTC
bash:amd64 (4.2+dfsg-0.1+deb7u1, 4.2+dfsg-0.1+deb7u3)
So far about 120 crafted requests arrived of which 2/3rd were real attacked (others were probes by security firms or online testing tools).
We're fine so far but I will keep monitoring the situation in the coming days.
Julien