Why the Shellshock Vulnerability Is A Perfect 10

From the experts | Posted on September 29, 2014 by Matthew Thiffault

There is big buzz in the media again: another dangerous vulnerability has been identified and rated a 10 for impact and a 10 for exploitability. This is the threat we now know as the Shellshock vulnerability.

The major concern is that, if an attacker has the skill to craft a packet to take advantage of the vulnerability, they can inject code that compromises a target machine.

That seems simple enough – and from a conceptual perspective, it is. So why is it rated so high? And how does it compare to the Heartbleed bug we recently heard so much about?

The Shellshock Vulnerability is a Bash Bug

The Shellshock vulnerability exploits the Bash shell (the Bourne Again shell), one of the most widely installed utilities on Linux and Mac OS systems. It runs in the background to provide remote access, run scripts and perform other system-level routines. When Bash processes a function definition and the “hacker” has injected code right after that function, that code also executes, often with the all-powerful admin/root privileges.

The other frightening part is that, since Bash usually already has these admin/super-user privileges built in, the hacker doesn’t require any credentials and can operate remotely.

As with the Heartbleed vulnerability, this is a serious risk because a lot of the Internet infrastructure is built on Linux. So to me that says 10! 10! 10!

For a list of vulnerable versions and details about the vulnerability, please check the National Vulnerability Database, or this solid post from Red Hat.

Things to check and patch

The simple test is this. Run the following code in your Linux shell:

env X="() { :;} ; echo ShellshockedVuln" /bin/sh -c "echo completed"
env X="() { :;} ; echo ShellshockedVuln" `which bash` -c "echo completed"

If you see ShellshockedVuln in the output when you run this, you are at risk and should patch.
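The same check as a reusable script, added here as an example and not code from the original post. The function names are assumptions; it goes beyond the two commands above by testing every bash found on PATH and by discarding the import warnings that partially patched builds write to stderr.

```shell
#!/bin/sh
# Added example: wraps the post's one-line Shellshock test in a repeatable check.
MARKER="ShellshockedVuln"   # same marker string the post's test uses

# classify_output OUTPUT -> "vulnerable", "not vulnerable" or "inconclusive"
classify_output() {
    case "$1" in
        *"$MARKER"*) echo "vulnerable" ;;      # trailing command ran during import
        *completed*) echo "not vulnerable" ;;  # only the intended command ran
        *)           echo "inconclusive" ;;    # the shell produced neither string
    esac
}

# check_shell PATH -> run the post's test against a single interpreter
check_shell() {
    shell_path=$1
    if [ ! -x "$shell_path" ]; then
        echo "missing"
        return 0
    fi
    # stderr is dropped so warnings cannot be mistaken for command output
    out=$(env X="() { :;} ; echo $MARKER" "$shell_path" -c "echo completed" 2>/dev/null) || true
    classify_output "$out"
}

# report: check /bin/sh plus every bash on PATH (a host can carry several copies)
report() {
    printf '%s: %s\n' /bin/sh "$(check_shell /bin/sh)"
    old_ifs=$IFS
    IFS=:
    for dir in $PATH; do
        if [ -x "$dir/bash" ]; then
            printf '%s: %s\n' "$dir/bash" "$(check_shell "$dir/bash")"
        fi
    done
    IFS=$old_ifs
}

report
```

Any line reporting "vulnerable" identifies a binary that still needs the distribution's patched bash package.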

Also make sure you have updated any IPS signatures so that you can quickly respond to any urgent security incidents. Check the Fortinet blog post for more info on IPS and the Shellshock vulnerability.

Ensure you have appropriate IPS signatures deployed to monitor and mitigate any potential attacks on your infrastructure. Fortinet issued an update to our customers with IPS signatures to detect and prevent Shellshock attacks. This signature is available for download via FDN. In situations such as this, our threat research teams are able to respond to urgent or immediate security incidents promptly to protect our customers (and our customers’ customers) from exploitation.

For your convenience, I just received an update from Rapid 7 alerting us and their customers with this information about their content update:

New coverage is available for CVE-2014-6271 (Shellshock), a vulnerability in bash that allows remote execution of arbitrary code. Authenticated package-based vulnerability checks have been added for the following platforms: Amazon Linux, Canonical Ubuntu, CentOS Linux, Debian Linux, FreeBSD, Oracle Linux, Red Hat Linux. An unauthenticated check for vulnerable CGI pages has been added.

The last step to note is that most of the major Unix or Linux distributions have released patches already, so check your support for updates as well.

Our security team is standing by to help you with penetration testing (which ferrets out a wide variety of gaps, threats and vulnerabilities – not just Shellshock). If you’d like help, please contact me directly, or leave a comment below!
