By: Kyle Cavalieri
On September 25, 2014, a new vulnerability that affects most versions of Linux and Unix operating systems, which includes Mac OS X, was discovered. According to security researchers, given the reach of the Bash itself and combined with the sheer volume of devices and application that rely on the Bash, Shellshock is likely going to be larger than the Heartbleed vulnerability that was identified earlier this year. If Shellshock is exploited successfully, the vulnerability could allow an attacker to gain control over a targeted computer.
Bash is a common component of Unix and Linux systems and is commonly referred to as ‘shell.’ Bash acts as a mechanism for the user to instruct the operating system what to do. The vulnerability lies in the fact that an attacker can imbed malicious code into application code that require Bash to execute. At this time, the most critically vulnerable systems are Web servers running the aforementioned OS’s. Although, non-Web servers are also vulnerable, specific conditions need to be in place in order for an attacker to gain control. Imbedded systems that are running Bash that are Internet facing, such as surveillance systems, routers, conferencing and IP based phone systems may also be vulnerable and should be inspected appropriately.
Once the targeted system has been exploited, the attacker can extract password lists off the system and use those passwords to move laterally within the network to gain access to other systems with the company’s production environment.
Due to the wide spread nature of this vulnerability, cyber security companies, like DIGITS LLC, are able to detect whether your systems are currently vulnerable to this latest threat. Contact a cyber security specialist today for more information.