The discovery of a new bug, Shellshock or Bash Bug has alarmed security experts as it leaves millions of computers open to attacks by hackers. The bug, which has been termed as 'deadly serious' affects machines that are running on Mac OS X or Linux.
The bug reminds of the Heartbleed Bug that put many internet users at risk creating panic in April 2014. But the Shelshock bug is billed to be bigger than the Heartbleed Bug.
The bug is capable of remotely controlling systems that use Bash (Bourne-Again SHell), a command prompt on Unix computers. Linux and Mac OS are built based on Unix OS. Officially, the bug is assigned CVE-2014-6271.
Bug Discovery
Stephane Chazelas, a Unix/Linux researcher discovered this vulnerability and it was reported on 24 September 2014. He told ABC that it was discovered on a "hunch."
Exploitable Systems
Many systems that run services or applications using Bash are vulnerable to the Shellshock bug. Below are some of the examples of exploitable systems (Digital Ocean):
- Apache HTTP Servers that use CGI scripts (via mod_cgi and mod_cgid) that are written in Bash or launch to Bash subshells
- Certain DHCP clients
- OpenSSH servers that use the ForceCommand capability
- Various network-exposed services that use Bash
What can Hackers Do?
Hackers might be able to remotely execute "arbitrary code on an affected system" and upload a malware into the system, allowing them to steal personal information, delete files or activate web camera and many more. However, a working firewall on a computer will deter them. It has not yet been proven if the bug has been able to take advantage of firewalls too, Engadget reported.
How to Check for Vulnerability
Shellshock vulnerability can be checked by running the below command on the bash prompt:
env VAR='() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"
If your version of Bash is affected following will be the output:
Bash is vulnerable!
Bash Test
If your version of Bash us bit affected, it will show the below output:
bash: warning: VAR: ignoring function definition attempt
bash: error importing function definition for 'VAR'
Bash Test
Initial Scans
Robert Graham, security expert posted on his blog that from his early scan results indicated that about 3000 systems were vulnerable.
He also added that the exploit is "clearly workable and can easily worm past firewalls and infect lots of systems."
Patch Released
Warnings have been issued by the US Computer Emergency Readiness Team (US-Cert) and it has also urged users to update their Operating Systems with immediate Patch.
Updates
Below are the updates issued for these OS:
Users must ensure that they have updated all the affected servers to the latest version of Bash. In order to prevent any hackers from exploiting the situation, system administrators looking after the servers have to ensure that they patch their systems immediately.
Apple says Majority Not at Risk
Meanwhile, Apple has said that, "the vast majority of OS X users are not at risk...With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services." A patch will be coming soon it added.
