This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[atlas] RIPE Atlas vs. bash/shellshock vulnerability
- Previous message (by thread): [atlas] out of office
- Next message (by thread): [atlas] RIPE Atlas vs. bash/shellshock vulnerability
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Robert Kisteleki
robert at ripe.net
Fri Oct 3 10:08:59 CEST 2014
Dear RIPE Atlas users, The RIPE NCC made a public announcement earlier about this issue (see https://www.ripe.net/internet-coordination/news/announcements/ripe-ncc-security-report-on-shellshock-bash-shell-bug). Still, since we have received some questions in email and Twitter about RIPE Atlas vs. this vulnerability so we'd like to respond to these with some more detail. The RIPE Atlas v1-v2-v3 probes are/were not affected by this issue at all since they don't run bash (or even have it installed) and also not providing any accessible services. The anchors have bash installed, but it is not used for any of the services provided. Besides, these servers have been patched right away. The infrastructure components (ie. controllers) were affected and as the RIPE NCC announcement explains, they have been patched as soon as the patch came out; basically within the day. Regards, Robert Kisteleki for the Atlas team
- Previous message (by thread): [atlas] out of office
- Next message (by thread): [atlas] RIPE Atlas vs. bash/shellshock vulnerability
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]