A new security vulnerability, known as the Bash or Shellshock bug, is expected to be deadlier than Heartbleed, and can affect everything from major servers to connected cameras. Web security services provider Indusface decodes the bug.
What is BASH?
Bash (the GNU Bourne Again Shell) is the command-line shell, and script interpreter, installed by default on many Unix-like systems, including most Linux distributions and Mac OS X. Besides handling what a user types at the prompt, it is invoked behind the scenes by many programs and services to run scripts and commands.
What is the issue?
A newly discovered security bug in Bash could pose a bigger threat to computer users than the "Heartbleed" bug that surfaced in April 2014. Attackers can exploit the bug to take complete control of a targeted system, security experts said. The vulnerability affects Unix-based operating systems including Linux and Apple's Mac OS X.
What can it do?
The "Heartbleed" bug let attackers read memory from vulnerable servers, leaking data such as passwords and private keys, but not take control of them. Shellshock is different in kind: an attacker who can control an environment variable that Bash sees gets arbitrary command execution with the privileges of the process that invoked Bash, and from there can take over the system, read confidential information, modify files, and so on.
Give me some more input:
A security vulnerability in the GNU Bourne Again Shell (Bash) could leave systems running an affected version open to exploitation by specially crafted input. "This issue is especially dangerous as there are many possible ways Bash can be called by an application," a Red Hat security advisory warned.
The bug, discovered by Stéphane Chazelas, lies in how Bash processes environment variables handed to it by the operating system or by a program that invokes a Bash script. Bash lets an exported shell function travel to child shells as an environment variable whose value begins with "() {", and vulnerable versions keep parsing, and executing, whatever follows the closing brace of that definition. Any service that copies attacker-supplied data into an environment variable and then runs Bash (directly, or as /bin/sh) therefore becomes remotely exploitable: CGI web applications (request headers are exported as environment variables), secure shell with forced commands, telnet sessions, and other programs that use Bash to execute scripts.
How do I make sure that I am not vulnerable?
There is an easy test to determine if a Linux or Unix system is vulnerable. To check your system, from a command line, type:
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
If the system is vulnerable, the output will be:
vulnerable
this is a test
An unaffected (or patched) system never prints the word "vulnerable". A system with the first round of patches will output:
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test
A system with the later, complete patches prints no warning at all and simply outputs:
this is a test
Help, I am vulnerable. What is the solution?
Because Bash ships on nearly every Unix-like system, the vulnerability is at least as widespread as Heartbleed; what limits its reach in practice is that an attacker needs a network-facing service that passes untrusted input to Bash through the environment. The vulnerability affects GNU Bash versions 1.14 through 4.3. Note that the initial patch was later found to be incomplete and vendors issued follow-up updates, so install the latest bash package your vendor offers, not just the first fix, and re-run the test above afterwards. Patches have been issued by the major Linux distribution vendors for affected versions, including:
Red Hat Enterprise Linux (versions 4 through 7) and the Fedora distribution
CentOS (versions 5 through 7)
Ubuntu 10.04 LTS, 12.04 LTS, and 14.04 LTS
Debian
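As an added example (not part of the Indusface article), the POSIX shell script below wraps the one-line test from the "How do I make sure that I am not vulnerable?" section into functions that return a machine-readable result, so it can be run across a fleet (for example over ssh) and the output grepped, and pairs it with the vendor package upgrade commands for the distributions listed above. The function names shellshock_check, shellshock_report and shellshock_update are my own; the probe is exactly the harmless one the article uses, and the package manager invocations are the standard ones for those vendors.

```shell
#!/bin/sh
# Added example, not from the Indusface article: the article's one-line
# Shellshock probe wrapped in functions with a machine-readable result,
# plus the vendor package-upgrade commands. Nothing here exploits anything;
# the probe only asks the local bash to echo a word, as the article's test does.
#
# shellshock_check prints one word and sets the exit status:
#   "patched"     exit 0  bash ignored the command after the function body
#   "vulnerable"  exit 1  bash executed the command after the function body
#   "no-bash"     exit 2  bash is not installed, so the test does not apply
shellshock_check() {
    if ! command -v bash >/dev/null 2>&1; then
        echo "no-bash"
        return 2
    fi

    # Same probe as the article. stderr is merged so the warning lines a
    # first-round patched bash prints are captured along with stdout;
    # a fully patched bash prints nothing but "this is a test".
    out=$(env x='() { :;}; echo vulnerable' bash -c 'echo this is a test' 2>&1)

    case "$out" in
        *vulnerable*)
            echo "vulnerable"
            return 1
            ;;
    esac
    echo "patched"
    return 0
}

# One tab-separated line per host: hostname, result, bash version banner.
# The version banner alone cannot distinguish a patched 4.3 from an
# unpatched one, which is why the behavioural probe is the authoritative check.
shellshock_report() {
    result=$(shellshock_check)
    ver=$(bash --version 2>/dev/null | head -n 1)
    printf '%s\t%s\t%s\n' "$(uname -n)" "$result" "${ver:-bash not installed}"
}

# Upgrade bash with the vendor package manager (needs root). The package is
# called "bash" on all of the listed distributions; the manager is chosen by
# what is installed on the host.
shellshock_update() {
    if command -v dnf >/dev/null 2>&1; then           # newer Fedora
        dnf upgrade -y bash
    elif command -v yum >/dev/null 2>&1; then         # RHEL, CentOS, older Fedora
        yum update -y bash
    elif command -v apt-get >/dev/null 2>&1; then     # Debian, Ubuntu
        apt-get update && apt-get install -y --only-upgrade bash
    else
        echo "no supported package manager found; update bash manually" >&2
        return 1
    fi
}

# Typical use: print the report for this host. On hosts that report
# "vulnerable", run shellshock_update as root and then shellshock_report again.
shellshock_report
```

Run the script on each host and collect the lines; any line whose second field is "vulnerable" needs shellshock_update followed by a re-check, since the behavioural probe, not the version string, is what confirms the fix took effect.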