Market Overview

'Bash Shell' Affects Linux, Apple Mac OS X and Unix



A remote and critical vulnerability known as Bash, aka the GNU Bourne Again Shell, has been found in Linux and Unix command-line shell. It has left several websites, PC's, servers, OS and Macs, open to cyber criminals. The remote code execution vulnerability in Bash affects most Linux servers and distributions worldwide.

The vulnerability (CVE-2014-6271) is being named as Shellshock and Bash Bug by security researchers on internet and it affects versions 1.14 through 4.3 of GNU Bash. A hacker is capable of exploiting this bash bug to accomplish carrying out commands remotely on a target machine.   

The vulnerability is 22 year old and it came to light because of the way bash takes care of specially-formatted environment variables, such as exported shell functions. When a function is assigned to a variable, trailing code in the function definition is executed.

Millions of Systems Are Affected

While remote users do not use Bash directly, it is a common shell for executing and evaluating commands from other programs, such as mail servers and web servers. So, the web server can be hacked if an application calls the Bash shell command through a common-gateway interface or web HTTP, in a manner that allows a user to insert data.

To simply state, if Bash has been set up as the default system shell, an attacker can send a specially made web request and launch a malicious code on the server. This is done by setting weird mime types and by setting headers in a web request. Like the Heartbleed bug, this is a severe risk to Internet Infrastructure, as not only does Linux run majority of servers but also huge number of embedded devices, including Android devices and Mac OS X laptops. This vulnerability has been rated '10 out of 10' in terms of severity, by NIST vulnerability database.

How Can You Check for Vulnerable Shell

You can run the following command lines to check if your Unix or Linux system is vulnerable:

    env X="() { :;} ; echo shellshock" /bin/sh -c "echo completed"

  env X="() { :;} ; echo shellshock" `which bash` -c "echo completed"

If the words 'shellshock' comes in the output, then your system is at risk.

It is recommended that you upgrade your Bash software package as soon as possible, in case you feel that your system is vulnerable to the Bash bug.

The preceding article is from one of our external contributors. It does not represent the opinion of Benzinga and has not been edited.


Related Articles

View Comments and Join the Discussion!