What is it?
The exploit can potentially allow unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.

Affected OS:
The versions of bash that are affected are present on most Linux, BSD, and Unix like systems including Mac OS X.

More specifically:
CentOS 5 thru 7


Red Hat Enterprise Linux 4 thru 7

Ubuntu 10.04 LTS, 12.04 LTS and 14.04 LTS

Mac OS X

The details:
Most systems with bash installed will NOT be remotely exploitable by this vulnerability.

CentOS 5 thru 7

To exploit this vulnerability, an attacker would need to be able to send a malicious environment variable to a program that’s interacting with the network. This program would have to be implemented in bash or have the ability to spawn a sub command in bash.

Legacy web applications that use standard CGI implementations are most likely going to be the biggest exposure.

Setuid applications that spawn “safe” commands, on multi-user systems, may also be vulnerable.

A CGI application that’s been written in bash or makes system or popen calls, is most likely vulnerable

The Fix?
Several providers, including Red Hat and Ubuntu, have already issued patches to resolve this bug so it is imperative to apply these updates as soon as possible to lower the exposure. Additionally, some firewall vendors, such as Check Point, have already released IPS Signature updates that will identify and block this type of traffic which helps to lower the risk especially if the vulnerable system cannot be updated with a fix.

Source : SecurityStreet https://community.rapid7.com

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)


Posted by Admin

Leave a reply

Your email address will not be published. Required fields are marked *