Is this worse than Heartbleed? The bash vulnerability

Note: This article is also on LinkedIn, and yes, it's duplicate content, but this site is not about SEO.

Late last night it was publicly disclosed that there is a serious vulnerability in Bash, the GNU Bourne-Again Shell. This is a piece of software that is widely used, particularly on Linux servers.

This vulnerability allows remote code execution through many default configurations and is a serious risk to a wide range of infrastructure on the Internet. The severity is extreme because Bash is part of the default configuration of most Linux servers.

Bash is generally not directly accessible to external users, but it is commonly used by binary software packages such as web and mail servers. System administrators and programmers also use Bash to administer their Linux servers, including carrying out maintenance tasks.

Why is this so bad? An external user can send a specially formatted web request to a web server; when the web server passes that request on to Bash, the vulnerability allows Bash to run any command on the server, despite any security groups or access levels.
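As an added example (not code from the original post), here are two defender-side checks an administrator could run for the behaviour just described: a self-test of whether the local bash executes a command appended to an exported function definition, and a count of web-server log lines carrying the `() {` prefix such requests start with. It assumes a POSIX shell with `bash` on the PATH; the access-log lines are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not part of the original post.
# Assumes: POSIX sh, and "bash" available on PATH for the self-test.

# 1. Self-test: a patched bash ignores the command that follows the function
#    body in an exported variable; an unpatched one runs it while importing
#    the environment. The test value is constructed and harmless.
check_local_bash() {
  if ! command -v bash >/dev/null 2>&1; then
    echo "bash-not-found"
    return 0
  fi
  out=$(env TESTVAR='() { :;}; echo TRAILING_COMMAND_RAN' bash -c 'echo probe' 2>/dev/null)
  case "$out" in
    *TRAILING_COMMAND_RAN*) echo "vulnerable" ;;
    *) echo "patched" ;;
  esac
}

# 2. Log check: count request lines whose header fields (here the User-Agent,
#    which a CGI web server exports into Bash's environment) begin with the
#    function-definition prefix. Reads log lines from stdin.
count_suspicious_lines() {
  grep -c '() *{'
}

# Constructed sample access log (Combined Log Format); one suspicious line.
sample_log() {
  cat <<'EOF'
203.0.113.5 - - [25/Sep/2014:01:02:03 +0000] "GET /cgi-bin/status HTTP/1.1" 200 512 "-" "() { :;}; echo probe"
198.51.100.9 - - [25/Sep/2014:01:02:04 +0000] "GET /index.html HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.9 - - [25/Sep/2014:01:02:05 +0000] "GET /cgi-bin/status HTTP/1.1" 200 512 "-" "curl/7.30"
EOF
}

echo "local bash: $(check_local_bash)"
echo "suspicious log lines: $(sample_log | count_suspicious_lines)"
```

On a patched system the first line reports `patched` (bash prints a warning about the ignored function definition on stderr) and the sample log yields one suspicious line.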

What is even scarier is that the open source community was notified of the vulnerability and released a patch, but it is now known that the patch does not fix all the vulnerabilities; it only makes them harder to exploit. So right now the Internet is left wide open, including services such as CloudFlare, Amazon Web Services and even the majority of websites hosted on the Linux operating system.

There is a high likelihood that if someone had the resources right now, they could launch a major cyber attack. The open source community is rushing to release a second patch, but this relies on vigilant system administrators patching their systems.

At Infinite Networks we are anxiously awaiting the release of this patch, and it will be priority number one to have it rolled out across all our infrastructure. The Microsoft Windows Server platform is looking like a more and more secure platform after Heartbleed and now this vulnerability.

If you are interested, the technical information was posted on the oss-sec mailing list here.
