OpenSSL Heartbleed: 3 Months Later (July 3, 2014)
More GNU Bash vulnerabilities have been disclosed since Sep 25, 2014 and Dell SonicWALL keeps monitoring the Internet and analyzing the vulnerabilities.
Here’s the latest coverage of GNU Bash Code Injection Vulnerabilities:
- CVE-2014-6271
- IPS sid:10529 “GNU Bash Code Injection Vulnerability (CVE-2014-6271) 1”
- IPS sid:5603 “GNU Bash Code Injection Vulnerability (CVE-2014-6271) 2”
- IPS sid:5605 “GNU Bash Code Injection Vulnerability (CVE-2014-6271) 3”
- CVE-2014-6277
- IPS sid:5667 “GNU Bash Code Injection Vulnerability (CVE-2014-6277, CVE-2014-7186) 1”
- CVE-2014-6278
- IPS sid:5661 “GNU Bash Code Injection Vulnerability (CVE-2014-6278, CVE-2014-7169) 1”
- CVE-2014-7169
- IPS sid:5661 “GNU Bash Code Injection Vulnerability (CVE-2014-6278, CVE-2014-7169) 1”
- CVE-2014-7186
- IPS sid:5667 “GNU Bash Code Injection Vulnerability (CVE-2014-6277, CVE-2014-7186) 1”
- CVE-2014-7187
- IPS sid:5669 “GNU Bash Code Injection Vulnerability (CVE-2014-7187) 1”
Dell SonicWALL also observed millions of attack attempts during last 9 days, shown below:
The number reach its peak on Sep 29, 2014 then start decreasing. We expect the number keeps dropping to a certain level then remains steady.