Contact Us

|

Careers

|

Change Locale
close

Why the Shellshock Vulnerability Is A Perfect 10

From the experts | Posted on September 29, 2014 by Matthew Thiffault

Another big buzz in the media again. Looks like there has been another dangerous vulnerability identified and rated a 10 for impact, and a 10 for exploitability. This is the threat we now know as the Shellshock Vulnerability.

The major concern is that, if an attacker has the skill to craft a packet to take advantage of the vulnerability, they can inject code that compromises a target machine.

That seems simple enough – and from a conceptual perspective, it is. So why it is rated so high? And how does it compare to the Heartbleed bug we recently heard so much about?

The Shellshock Vulnerability is a Bash Bug

The Shellshock vulnerability exploits the Bash shell (or the Bourne again shell), one of the most installed utilities on Linux and Mac OS systems. It runs nicely in the background to provide remote access, run scripts and other system-level routines. When a typical bash function runs, and the “hacker” has injected code right after that function, that code also executes – many times with the all-powerful admin/root privileges.

The other frightening part is that since usually Bash already has these admin/super-user privileges built in, the hacker doesn’t require any credentials, and can operate remotely.

Similar to the heartbleed vulnerability this is a serious risk because a lot of the internet infrastructure is built on linux.  So to me that says 10! 10! 10!

To check a list of vulnerable versions and details about the vulnerability, please check the National Vulnerability Database, or this solid post from RedHat.

Things to check and patch

The simple test is this. Run the following code in your Linux shell:

env X=”() { :;} ; echo ShellshockedVuln” /bin/sh -c “echo completed” env X=”() { :;} ; echo ShellshockedVuln” `which bash` -c “echo completed”

if you see the ShellshockedVuln when you run this, you are at risk and should patch.

Also make sure you have updated any IPS signatures so that you can quickly respond to any urgent security incidents – Check the Fortinet blog post for more info on IPS and the Shellshock vulnerability.

Ensure you have appropriate IPS signatures deployed to monitor and mitigate any potential attacks on your infrastructure. Fortinet issued an update to our customers with IPS signatures to detect and prevent Shellshock attacks. This signature is available for download via FDN. In situations such as this, our threat research teams are able to respond to urgent or immediate security incidents promptly to protect our customers (and our customers’ customers) from exploitation.

For your convenience, I just received an update from Rapid 7 alerting us and their customers with this information about their content update:

New coverage is available for CVE-2014-6271 (Shellshock), a vulnerability in bash that allows remote execution of arbitrary code. Authenticated package-based vulnerability checks have been added for the following platforms: Amazon Linux Canonical Ubuntu CentOS Linux Debian Linux FreeBSD Oracle Linux Red Hat Linux An unauthenticated check for vulnerable CGI pages has been added.

The last step to note is that most of the major Unix or Linux distributions have released patches already so check your support for updates as well.

Our security team is standing by to help you with penetration testing (which ferrets out a wide variety of gaps threats and vulnerabilities – not just ShellShock). If you’d like help, please contact me directly, or leave a comment below!

Related Posts

Top 3 Reasons Your Wireless Sucks “Our wireless sucks. I’m truly embarrassed, when my client asks for internet access in our boardroom. I’m constantly having to reconnect to the wireless. IT must not reali...
BYOC: It’s easier than you think now.  Important considerations with BYOC strategy  Employees who are given laptops by their company might use their hardware eight hours a day. The remaining eight hours of awak...
Destroy Your Laptop Without Ramifications! This article originally appeared on Stephen’s personal blog. You can visit it here. Don't let the introduction scare you.This post is actually more appropriate for less...

Related Articles

Culture | July 5, 2019 by Alex Macks

As an organization that strives towards gender balance, Softchoice took part in a recent weeklong boot camp for women in tech sales in partnership with Talent Minded and The Revenue U.

Culture | July 5, 2019 by Alex Macks

The Softchoice co-op program enables students to gain hands-on experience across a variety of fields. I recently had the opportunity to talk to one of the co-op students about her experience at Softchoice.

Microsoft | June 20, 2019 by Susana Byun

Learn how the Microsoft Cloud Solution Provider (CSP) program helps partners add value while their customers gain flexibility Editor’s note (June 2019): We updated this post to reflect the latest CSP news and Softchoice webinar which can be viewed below.  Technology acquisition continues to evolve – away from physically owned infrastructure and towards cloud subscription […]