What is the Bash Shellshock Bug?

By Matthew Hoy ·

It has been discovered that vulnerability exists within the Bash command-line shell, which has been around for years, is now being actively exploited. What is being dubbed the “Shellshock” bug is a flaw that affects all Linux and Unix operating systems including Mac OS X. 

The vulnerability occurs because Bash does not stop after processing the function definition; it continues to parse and execute shell commands following the function definition. This allows for traversing the Bash environment and directly accessing objects within the Bash environment, which is where the risk is introduced.

The fact that an environment variable with an arbitrary name can be used as a carrier for a malicious function definition containing trailing commands makes this vulnerability particularly severe; it enables network-based exploitation. This makes your organization’s servers and appliances that allow connections from the Internet the most likely targets for attack vectors. 

Actions to be taken now are to immediately patch any Internet facing servers or appliances using a vulnerable Linux, Unix or Mac OS X Bash command-line shell. Any servers or appliances behind firewalls and IPS that are vulnerable should be patched as soon as change windows allow. 

Accuvant has released a Bash Shellshock Advisory which provides more details on the vulnerability and recommended actions.