Radoslaw, About whether your microwave is safe or not. Is it connected to the internet? If so, it may be safe but other devices may not be because of it. Does it have enough compute power and memory for somebody to remotely inject code into it? Could this code then be used to send bogus requests to somebody's server to "help" with a DDOS attack? That's where one of the bigger vulnerabilities in this mess is.
I know you're being tongue-in-cheek with the microwave comment, but reading a couple articles about the guy who was able to remotely install the game "Doom" on a printer and get it working shows some of the ways this thing could be exploited. Rex -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of R.S. Sent: Wednesday, October 01, 2014 8:25 AM To: [email protected] Subject: Re: More on the Bash Security Vulnerability: CVE-2014-6271 & CVE-2014-7169 W dniu 2014-10-01 o 14:51, Dana Mitchell pisze: > On Fri, 26 Sep 2014 18:42:15 +0800, Timothy Sipples <[email protected]> > wrote: >> As for z/OS, most z/OS customers are likely to be unaffected. >> > IBM acknowledged that DS8000 HMCs currently utilize BASH and are thus > vunerable. > What does it mean? Do you download & install any software on that? My microwave owen has Linux onboard, unpatched, with bunch of vulnerabilites. But the only thing I insert there is food. Is it safe? :-) -- Radoslaw Skorupka Lodz, Poland The information contained in this message is confidential, protected from disclosure and may be legally privileged. If the reader of this message is not the intended recipient or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any disclosure, distribution, copying, or any action taken or action omitted in reliance on it, is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by replying to this message and destroy the material in its entirety, whether in electronic or hard copy format. Thank you. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
