nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

Critical Bash Vuln

wes allen

Remote code execution potential!

Bug in Bash shell creates big security hole on anything with *nix in it | Ars Technica

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

aftereffector

Because of its wide distribution, the vulnerability could be as wide-ranging as the Heartbleed bug,

Awwww &@*# not that again!

though it may not be nearly as dangerous.

I don't exactly feel better. Unless I am wrong, which is very possible, this looks like an injection attack vector that will primarily target servers, which should get updated in short order - but there are an awful lot of *nix systems using bash out there.

LinuxRacr

Yeah, I saw this notification come in today at work via Red Hat. I guess I'll need to add this to my patching...

UnixGuy

yeah I ran yum update this morning and I was about read what's with the update to 'bash', thought it was a new version or something. Thanks for that

wes allen

This one also appears to be wormable - so psyched I am off for a few days!

wes allen

filetype:sh inurl:cgi-bin;

1.2 million hits.

docrice

Don't be alarmed. It only looks weaponized now.

https://gist.github.com/anonymous/929d622f3b36b00c0be1

The hammers are located in isle 18 to the right.

wes allen

Another couple updates:

https://securosis.com/blog/why-the-bash-vulnerability-is-such-a-big-deal

http://www.troyhunt.com/2014/09/everything-you-need-to-know-about.html?m=1

chaser7783

Not only has it been weaponized VT shows a 0/55 rate for detection.
Source: https://www.virustotal.com/en/file/73b0d95541c84965fa42c3e257bb349957b3be626dec9d55efcc6ebcba6fa489/analysis/1411634118/

Here is some good info on the breakdown within the ELF binary showing all of it's features.
Source: KernelMode.info • View topic - Linux/Bash0day alias Shellshock alias Bashdoor

the_Grinch

Yeah we just alerted for it at work. Updating my Spacewalk and then deploying to all my boxes.

chaser7783

There is also an incomplete fix to CVE-2014-6271.
Source: oss-sec: Re: CVE-2014-6271: remote code execution through bash

wes allen

Client side (DHCP) attacks - https://www.trustedsec.com/september-2014/shellshock-dhcp-rce-proof-concept/

powmia

I wonder if there is any correlation between this and the AWS reboot

JDMurray

SANS Internet Storm Center blog articles on ShellShock: