Wow, Singapore CERT are quoting https://holeybeep.ninja , a parody site, in their official(?) beep advisory: https://www.csa.gov.sg/singcert/news/advisories-alerts/alert-on-debian-beep-package-local-privilege-escalation-vulnerability-cve-2018-0492 … Their official recommendation is to run "curl https://holeybeep.ninja/am_i_vulnerable.sh … | sudo bash"
-
Show this thread
Which by the way appears to be (innocently) backdoored, using a curl|bash detection technique: https://news.ycombinator.com/item?id=16756450 … (https://www.idontplaydarts.com/2016/04/detecting-curl-pipe-bash-server-side/ …)
3:21 PM - 7 Apr 2018
0 replies
0 retweets
1 like
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.