Skip to main content

What is the Bash Shellshock Bug?

September 26, 2014

It has been discovered that vulnerability exists within the Bash command-line shell, which has been around for years, is now being actively exploited. What is being dubbed the “Shellshock” bug is a flaw that affects all Linux and Unix operating systems including Mac OS X. 

The vulnerability occurs because Bash does not stop after processing the function definition; it continues to parse and execute shell commands following the function definition. This allows for traversing the Bash environment and directly accessing objects within the Bash environment, which is where the risk is introduced.

The fact that an environment variable with an arbitrary name can be used as a carrier for a malicious function definition containing trailing commands makes this vulnerability particularly severe; it enables network-based exploitation. This makes your organization’s servers and appliances that allow connections from the Internet the most likely targets for attack vectors. 

Actions to be taken now are to immediately patch any Internet facing servers or appliances using a vulnerable Linux, Unix or Mac OS X Bash command-line shell. Any servers or appliances behind firewalls and IPS that are vulnerable should be patched as soon as change windows allow. 

Accuvant has released a Bash Shellshock Advisory which provides more details on the vulnerability and recommended actions.

Related Blogs

March 15, 2018

Pass-the-Hash

Pass-the-hash (PtH) is an all too common form of credentials attack, especially since the advent of a tool called Mimikatz. Using PtH to extract from ...

See Details

January 17, 2018

The Aftermath of Meltdown and Spectre: Now What?

The recent unveiling of the widely reported Meltdown and Spectre attacks, which exploit critical vulnerabilities in modern processors, sent many withi...

See Details

January 12, 2018

Regarding Spectre and Meltdown

On January 3, 2018, the Graz University of Technology released their papers on identified vulnerabilities dubbed “Meltdown” and “Spectre” via the webs...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.


Privacy Policy

Related Insights

February 05, 2015

GHOST Vulnerability Puts Linux Systems at Risk | Optiv

A critical security vulnerability in the GNU C library, CVE-2015-0235 (a.k.a. “GHOST”), was reported on January 27, 2015. Many Linux systems are vulne...

See Details

September 25, 2014

"Shellshock" Vulnerability in Bash Allows Unauthorized, Remote Code Execution

On September 24, a critical vulnerability - CVE-2014-6271 - was made public. This vulnerability, dubbed “Shellshock,” exposes a weakness in which cert...

See Details

October 26, 2014

Common Web Application Vulnerabilities - Part 1.1

While Cross-Site Scripting (“XSS”) is neither a new nor a particularly exciting class of web application vulnerabilities, it certainly is one of the m...

See Details

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.

Subscribe

Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cyber security Events in your area.