Shellshock Vulnerability – Real Risks With A Side Of Hyperbole

On September 24th Akamai announced the discovery of a security vulnerability named Shellshock that affects all versions of the bash program. Bash is a command interpreter (shell) installed on a massive number of systems including web servers, network devices, smartphones, etc. Just about any system not running Windows includes bash. In order to exploit the vulnerability an attacker needs to send data to bash. This can happen through CGI web applications which use it to process requests. Other attack targets exist, but the CGI path looks like the most widespread and easiest to exploit at this point.B I R T H D A Y  P A R T Y

You’ll be seeing many sensationalized headlines about how Shellshock is “worse than Heartbleed”, puts the entire Internet at risk, will surely lead to the end of civilization, etc. Make no mistake that while Shellshock is serious it requires other stars to align in order to be a real problem. Methods to exploit this vulnerability through a given application or service will be appearing for years to come.

IT administrators need to find out if they have any outside facing CGI sites that could be exploited and apply patches or implement workarounds immediately. Going forward, all other Linux/UNIX systems as well as network devices should be patched as patches become available. There is little for end users to do other than apply updates when offered.

If you would like to test your Mac or Linux system after patching just open up a terminal and run:
env X="() { :;} ; echo VULNERABLE" /bin/sh -c "echo completed"

If you see “VULNERABLE” echo back then you still need to patch your system.

Does all this still sound confusing?  Contact us at 218.720.4435 to understand if your business is at risk and how Citon can help secure your digital assets.

Additional Information: