Steven W, 2014-09-27 02:05 »
Apparently a potentially very serious 25 year old bug has been found in the bash shell.
...There are other shells out there for Unix variants, the thing about Bash though is that it's the default shell for Linux and Mac OS X which are obviously extremely prevalent operating systems. That's a major factor in why this risk is so significant - the ubiquity of Bash - and it's being described as "one of the most installed utilities on any Linux system".
The potential is enormous - "getting shell" on a box has always been a major win for an attacker because of the control it offers them over the target environment. Access to internal data, reconfiguration of environments, publication of their own malicious code etc. It's almost limitless and it's also readily automatable. There are many, many examples of exploits out there already that could easily be fired off against a large volume of machines.
Mr. Robert Graham's test early test results are a bit frightening:
http://blog.erratasec.com/2014/09/bash- ... mable.htmlAs he points out, someone is already using what he found to deliver malware:
Someone is using masscan to deliver malware. They'll likely have compromised most of the system I've found by tomorrow morning. If they using different URLs and fix the Host field, they'll get tons more.
Apparently a potentially very serious 25 year old bug has been found in the bash shell.
[quote]...There are other shells out there for Unix variants, the thing about Bash though is that it's the default shell for Linux and Mac OS X which are obviously extremely prevalent operating systems. That's a major factor in why this risk is so significant - the ubiquity of Bash - and it's being described as "one of the most installed utilities on any Linux system".[/quote]
[quote]The potential is enormous - "getting shell" on a box has always been a major win for an attacker because of the control it offers them over the target environment. Access to internal data, reconfiguration of environments, publication of their own malicious code etc. It's almost limitless and it's also readily automatable. There are many, many examples of exploits out there already that could easily be fired off against a large volume of machines.[/quote]
Mr. Robert Graham's test early test results are a bit frightening:
http://blog.erratasec.com/2014/09/bash-shellshock-bug-is-wormable.html
As he points out, someone is already using what he found to deliver malware:
[quote]Someone is using masscan to deliver malware. They'll likely have compromised most of the system I've found by tomorrow morning. If they using different URLs and fix the Host field, they'll get tons more.[/quote]