Thursday, September 25, 2014

CVE-2014-6271: Vulnerability in Bash

There is a great diary article on the ShellShock vulnerability at the SANS Internet Storm Center. It's located here.

This is a code injection vulnerability that affects bash running on all *nix systems. It allows an attacker to execute code by passing specially crafted environment variables into bash. The largest vector that needs to be secured immediately is web servers using CGI-BIN: CGI requires that HTTP headers supplied by the web server be converted into environment variables, so attacker-controlled header values reach bash as environment variables.
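Because a CGI handler exports request headers as environment variables, probes for this flaw show up in web server access logs as header values that begin with a bash function definition. The following is an added example, not code from the original post: a small POSIX shell scan over constructed Apache combined-format log lines that flags the `() {` prefix in the Referer or User-Agent field and lists the source addresses to follow up on. The log lines and the `SAMPLE_LOG` name are constructed samples.

```shell
#!/bin/sh
# Added example (not from the original post): flag access-log lines whose
# Referer or User-Agent field starts with a bash function definition "() {",
# the shape a CGI handler would export into bash's environment.
# The log lines below are constructed samples in Apache combined format.

SAMPLE_LOG='192.0.2.10 - - [25/Sep/2014:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"
192.0.2.11 - - [25/Sep/2014:10:00:02 +0000] "GET /cgi-bin/status HTTP/1.1" 200 88 "-" "() { :;}; echo probe"
192.0.2.12 - - [25/Sep/2014:10:00:03 +0000] "GET /cgi-bin/status HTTP/1.1" 404 0 "() { ignored; }; echo probe" "curl/7.30"
192.0.2.13 - - [25/Sep/2014:10:00:04 +0000] "GET /about.html HTTP/1.1" 200 300 "-" "Mozilla/5.0 (compatible)"'

# Print the log lines (read from stdin) in which a quoted header field opens
# with "() {", tolerating extra whitespace between the parentheses and brace.
shellshock_hits() {
    grep -E '"\(\)[[:space:]]*\{'
}

# Number of matching lines, suitable for an alerting threshold.
shellshock_hit_count() {
    shellshock_hits | wc -l | tr -d ' '
}

# De-duplicated source addresses of the matching requests, one per line.
shellshock_sources() {
    shellshock_hits | awk '{print $1}' | sort -u
}

printf '%s\n' "$SAMPLE_LOG" | shellshock_hits
echo "suspect sources:"
printf '%s\n' "$SAMPLE_LOG" | shellshock_sources
```

On a real host, replace the sample with `shellshock_hits < /var/log/apache2/access.log` (path assumed; adjust for your distribution), and treat any hit against a CGI path as a reason to verify the bash patch level on that server.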

There are a couple of other, less likely vectors involving SSH and DHCP.

There is a patch available from most vendors; however, the current patch is only a partial fix. According to many confirmed tests, users are still able to use the flaw to write empty files to the host's file system.

If you were utilizing Network Storage's Managed Firewall Service, you would already be protected from this vulnerability.
