CVE-2014-6271 Shellshocked

It's a good thing we are naming all of our vulnerabilities now; it's easier to keep track of them. I haven't seen an official designation for CVE-2014-6271, but Shellshock seems appropriate. This ...
Published Sep 25, 2014
Version 1.0
security
shellshock
TMOS
Simon_Waters_13's avatar
Simon_Waters_13
Icon for Cirrostratus rankCirrostratus
Sep 25, 2014
Thanks. In the twitter link they claim that apache is in shadow group, this is not apparently the case on my F5 device. Can you provide clarity there too? Are these permissions some devices, all devices, is it revealed in /etc/group or somewhere else? Not that I want them running commands as apache, but I want to understand fully what I'm reading. Happy to take it to support ticket (already open) if you don't want to discuss here.