Heads up Linux and Mac users - Bash Bug Vulnerability

Administrator_JSVN

Administrator
Staff member
Joined
Jan 22, 2007
Messages
8,426
http://mashable.com/2014/09/25/shellshock-bash-bug/

Security researchers have discovered a vulnerability in the system software used in millions of computers, opening the possibility that attackers could execute arbitrary commands on web servers, other Linux-based machines and even Mac computers.

Some researchers say Shellshock, which affects an application called Bash (which is why it's often simply called the "Bash Bug"), is potentially more serious and widespread than the Heartbleed bug discovered in April, though the two vulnerabilities are quite different in nature.

Unlike Heartbleed, which forced users to change their passwords for various Internet services, Shellshock doesn't appear to have any easy solutions for average users right now. In most cases, it will be up to system administrators and software companies to issue patches.

Devices use Bash, which is Unix software, to execute "shell" commands; a shell is a program that translates your commands into something the device's OS can understand. Typically, the shell needs to check information separate from the command, such as what software is running, to do its job. What Shellshock does is open a way for hackers to add some malicious information into that process.

Continued on linked article...

Test your computer/server for the vulnerability here:

http://shellshock.brandonpotter.com/
 
Back
Top