All about the Shellshock Bug


While the internet is an amazing place, filled with information and a lot of opportunities, it’s safe to say that it also brings quite a lot of dangers in the form of malware and exploits. Recently, a security bug was found in the Unix Bash shell that allows an attacker to gain access to the operating system and the data it holds. Unfortunately, a great many computers are affected by it, mainly because lots of web servers and internet daemons use Bash for processing commands.

This exploit, called the Shellshock bug, forces Bash to execute commands that are stored in a special location. The bug was assigned CVE-2014-6271 and is covered by the Cisco Event Response “GNU Bash Environment Variable Command Injection Vulnerability”, but unfortunately even today we don’t have a way to prevent its damage. The frightening thing is that the vulnerabilities in the Bash code had been there since 1992, but the continuous advancements in software and technology led to a better exploration of Bash and then to the appearance of the Shellshock bug.

The bug was disclosed on 24 September and it has been compromising computers all over the world ever since. It seems that the attacks are coming from multiple IP addresses which are most probably cover-ups, so it’s hard to pinpoint the exact source.
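An added example, not part of the original article: a scanner that groups suspected Shellshock probes in a web server access log by source IP. It assumes combined-format access logs and relies on the fact that Bash treats an environment value beginning with `() {` as a function definition, which is how a CGI request header can carry the injection; the log lines and the `find_probes` name are constructed for illustration.

```python
import re
from collections import defaultdict

# Combined Log Format:
# ip ident user [time] "request" status bytes "referer" "user-agent"
QUOTED = r'"((?:[^"\\]|\\.)*)"'
LOG_RE = re.compile(
    r'^(\S+) \S+ \S+ \[([^\]]+)\] ' + QUOTED + r' (\d{3}) \S+ '
    + QUOTED + ' ' + QUOTED + r'$'
)

# Bash imports an environment value as a function definition only when it
# begins with these four characters, so they are the marker to hunt for.
MARKER = "() {"

# Constructed sample lines: documentation IP ranges, harmless payloads.
SAMPLE_LOG = r'''
192.0.2.10 - - [25/Sep/2014:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.7 - - [25/Sep/2014:10:01:05 +0000] "GET /cgi-bin/status HTTP/1.1" 200 87 "-" "() { :; }; echo probe"
203.0.113.44 - - [25/Sep/2014:10:02:11 +0000] "GET /cgi-bin/test.cgi HTTP/1.0" 404 0 "() { :;}; echo probe" "curl/7.30"
198.51.100.7 - - [25/Sep/2014:10:03:40 +0000] "GET /cgi-bin/status HTTP/1.1" 200 87 "-" "() { :; }; echo probe"
this line is truncated and does not parse
'''


def find_probes(log_text):
    """Return ({ip: [(time, request, status, field), ...]}, unparsed_count)."""
    hits = defaultdict(list)
    unparsed = 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        m = LOG_RE.match(line)
        if m is None:
            unparsed += 1  # count malformed lines instead of silently dropping them
            continue
        ip, when, request, status, referer, agent = m.groups()
        for name, value in (("referer", referer), ("user-agent", agent)):
            if MARKER in value:
                hits[ip].append((when, request, status, name))
    return dict(hits), unparsed


if __name__ == "__main__":
    probes, bad = find_probes(SAMPLE_LOG)
    for ip, events in sorted(probes.items()):
        print(ip, len(events), "hit(s)", sorted({e[3] for e in events}))
    print("unparsed lines:", bad)
```

Only the headers that the log format records (Referer and User-Agent here) are covered; the marker in any other header is invisible to this check.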

The most problematic thing right now is that even with the latest patches you can’t stop the attacks, and the developers are hard at work trying to find a way to avoid the complications brought by the Shellshock bug. The major problem here is that the Bash parser is thought to have more vulnerabilities, so even if these are solved, others will appear in a very short time, and that is the main reason why the release of a solution for the Shellshock bug is yet to arrive.

Attacks that target the Shellshock bug range from command-and-control deployment attempts to DoS attacks, which can help the attacker access restricted data.

At this moment, we are still waiting for a solution to the problem, but the frightening thing is that many operating systems include Bash, which means that most of them are vulnerable to such attacks.

This is not the first attack of this sort to take place this year. A similar vulnerability, named the Heartbleed bug, was discovered in the OpenSSL library and also allowed unwanted access to sensitive data. The security threat was so large that many security experts advised users to change their passwords and clean private data from their browsers, as these could easily be hacked.

In conclusion, we think that the Shellshock bug and the Heartbleed bug are major threats that should not be overlooked. Staying up to date and using the latest security solutions might be a good practice, but changing passwords and taking care of our online privacy is also essential if we don’t want our computer/server to be affected by these vulnerabilities.

Right now not all technology vendors have completed their patches, so you had best stay in touch with them directly or via their security news feeds. Use the time to evaluate the release and deployment of the new software versions and make sure there are no constraints in the way. Fixing a vulnerability and breaking running systems along the way does not make for good crisis management.

Photo credit: From Sand To Glass

Alexandru Tanase
A man with a passion for writing, be it news, software or game reviews or something else.

2 thoughts on “All about the Shellshock Bug”

  • October 2, 2014 at 7:12 pm

    Oh no … these things like heartbleed and shellshock they cost so much effort in operations and money after all … just run the numbers past your mind … an enterprise has around 100 services running globally, 80 of those are affected by shellshock, for every service you have a team of maybe 5 engineers to support it from which 2 work on the vulnerability their whole day, each day such an engineer costs you about 400 euro so 800 euro for both of them. Every time such a vulnerability is revealed the operational effort behind it takes these two guys about 2 weeks to complete … so overall for a single service the recovery costs you 8000 euro and if you want to fix all the 80 services that brings you to 640,000 euro operational cost if everything runs smoothly. If not you might exceed that and if the technology is no longer supported you might even need to decommission services or invest in new tech. All of that just because you want to close a single vulnerability in a single organization.
