Perl Tech meeting Tues Oct 14th - Shell-Shocker CGI and Perl DoS bugs
Bill Ricker
bill.n1vux at gmail.com
Fri Oct 10 15:48:31 EDT 2014
Boston Perl Monger's 2nd Tuesday comes as late as possible this month,
so falls the day before BLU 3rd Wednesday.
(I hear some operating system also issues patches that day, doesn't
affect me.)
TOPIC: Shell-Shocker CGI and Perl DoS bugs
DATE: Tuesday, October 14
TIME: 7:00 – 10:00 PM
ROOM: E51-376
SPEAKER: Bill Ricker (lead)
We will examine the implications for the ShellShock BASH bug for Perl
-- it's much wider than just about BASH CGI or even Perl CGI scripts
-- and also a recently discovered/fixed but comparably long-lurking
Perl DoS bug in a core module (Data::Dumper stack smash CVE-2014-4330)
and how is it possibly remotely triggerable.
The good news is ShellShocker was slightly over-hyped; unlike
Heartbleed, this one does NOT generally affect the Internet of Things,
you internet-enabled toaster is likely immune. But Windows and Mac are
not entirely immune to this Linux bug.
[ Anyone who has examined either bug or its implications is welcome to
contribute or co-present - contacting me off-list is recommended,
although in our interactive style I'll cheerfully include ambush
collaborators. ]
Boilerplate details
Tech Meetings are held on the 2nd Tuesday of every month at MIT
building E51, Sloan School Tang Center [not the other Tang building!]
nearer to Kendall Sq than Mass Ave.
(directions http://boston-pm.wikispaces.com/MIT+Directions).
Talk begins at 7:30.
Refreshments in the hallway prior.
RSVP for count encouraged but not required, to bill.n1vux at gmail.com or
Boston-PM list, by 4pm Tuesday.
(NOTE: we're staying in the wider room 376 where we were in summer,
after being in squarish 372 for winter/spring.)
website - boston.pm.org
More information about the gnhlug-discuss
mailing list