Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Shellshock #68

Closed
awnumar opened this issue May 3, 2016 · 3 comments
Closed

Shellshock #68

awnumar opened this issue May 3, 2016 · 3 comments
Labels
module

Comments

@awnumar
Copy link

awnumar commented May 3, 2016

Manufacturers are pretty relaxed about firmware updates. After shellshock was discovered, not many home devices were patched. I'd wager most home-routers can still be pwned using it.
@m0sia
Copy link

m0sia commented May 3, 2016

Most embedded systems use busybox ash(or other tiny shell variations) that are not effected by shellshock.

If we are talking about well advertised vulnerabilities with unique names, then it make sense to add heartbleed. Many routers use old openssl.

@lucyoa
Copy link
Contributor

lucyoa commented May 4, 2016

@libeclipse @m0sia that are actually very good ideas. Shellshock vulnerability is not so common on embedded device nevertheless it is worth to implement module for this as well.

@lucyoa
Copy link
Contributor

lucyoa commented May 5, 2016

@libeclipse I added new module with this commit: 2e2f164
@m0sia I also added new module request for heartbleed: #72

@lucyoa lucyoa closed this as completed May 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
module
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@m0sia @lucyoa @awnumar