Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
BCM400 Shellshock
- Thread starter VoIPP
- Start date
curlycord
Programmer
It effects Linux (and Unix) which BCM 4.0 and up is using as its operating system.
The hacker would need to know the SSH login credentials.
Make sure the BCM has the latest patches (see the FAQ's page) and that you have a proper password and not the default one.
If the BCM does not need access to the internet then change the Gateway IP
Shellshock is primarily used to hack websites.
Seems this command will tell Linux users if the system is vulnerable: env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
It will come back and say "vulnerable" if it is.
=----(((((((((()----=
curlycord
Toronto Canada
The hacker would need to know the SSH login credentials.
Make sure the BCM has the latest patches (see the FAQ's page) and that you have a proper password and not the default one.
If the BCM does not need access to the internet then change the Gateway IP
Shellshock is primarily used to hack websites.
Seems this command will tell Linux users if the system is vulnerable: env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
It will come back and say "vulnerable" if it is.
=----(((((((((()----=
curlycord
Toronto Canada
As I recall, SSH is only available for the nnsupport login. Since the password changes daily for nnsupport there's not much chance of hacking in this way. Definitely do not use the default password for the Element Manager login.
Brian Cox
Georgia Telephone
Brian Cox
Georgia Telephone
- Status
Similar threads
- Locked
- Question
- Locked
- Question