{"id":21575,"date":"2024-03-30T10:29:30","date_gmt":"2024-03-30T09:29:30","guid":{"rendered":"http:\/\/blog.wenzlaff.de\/?p=21575"},"modified":"2024-03-30T10:35:15","modified_gmt":"2024-03-30T09:35:15","slug":"check-des-raspberry-pi-auf-hintertuer-in-xz-bibliothek-liblzma-ssh-hack-cve-2024-3094","status":"publish","type":"post","link":"http:\/\/blog.wenzlaff.de\/?p=21575","title":{"rendered":"Check des Raspberry Pi auf Hintert\u00fcr in xz-Bibliothek (liblzma, SSH Hack, CVE-2024-3094)"},"content":{"rendered":"<p>Um zu checken ob der Raspberry Pi vom <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-3094\" rel=\"noopener\" target=\"_blank\">CVE<\/a> betroffen ist (siehe <a href=\"https:\/\/www.heise.de\/news\/Hintertuer-in-xz-Bibliothek-gefaehrdet-SSH-Verbindungen-9671317.html\">diesen Artikel<\/a>), <\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/blog.wenzlaff.de\/wp-content\/uploads\/2024\/03\/goldene-kugel-liblzma-xz-hack.gif\" alt=\"\" width=\"512\" height=\"288\" class=\"aligncenter size-full wp-image-21576\" \/><\/p>\n<p>folgende 3 Befehle ausf\u00fchren: <!--more--><\/p>\n<pre class=\"lang:default decode:true \" >\r\n\r\n# Script von https:\/\/github.com\/cyclone-github\/scripts\r\n# https:\/\/github.com\/cyclone-github\/scripts\/blob\/main\/xz_cve-2024-3094-detect.sh\r\n\r\ncurl https:\/\/raw.githubusercontent.com\/cyclone-github\/scripts\/main\/xz_cve-2024-3094-detect.sh -O\r\n# Ausf\u00fchrbar machen\r\nchmod +x xz_cve-2024-3094-detect.sh\r\n# Script ausf\u00fchren\r\n.\/xz_cve-2024-3094-detect.sh\r\n\r\n# Ergebnis:\r\n\r\nChecking system for CVE-2024-3094 Vulnerability...\r\nhttps:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-3094\r\n\r\nChecking for function signature in liblzma...\r\nFunction signature in liblzma: OK\r\n\r\nChecking xz version...\r\nxz version 5.2.5: OK\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>Um zu checken ob der Raspberry Pi vom CVE betroffen ist (siehe diesen Artikel), folgende 3 Befehle ausf\u00fchren:<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_import_markdown_pro_load_document_selector":0,"_import_markdown_pro_submit_text_textarea":"","footnotes":""},"categories":[220,4606,1319],"tags":[999,5961,5962,5959,1025,176,5960],"class_list":["post-21575","post","type-post","status-publish","format-standard","hentry","category-anleitung","category-crypto","category-sicherheit-2","tag-check","tag-cve-2024-3094","tag-hintertuer","tag-liblzma","tag-pi","tag-sicherheit","tag-ssh-hack"],"_links":{"self":[{"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=\/wp\/v2\/posts\/21575","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=21575"}],"version-history":[{"count":0,"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=\/wp\/v2\/posts\/21575\/revisions"}],"wp:attachment":[{"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=21575"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=21575"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/blog.wenzlaff.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=21575"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}