Linux and Unix Susceptible to Remotely Exploitable Bash Shell Vulnerability

Linux and Unix Susceptible to Remotely Exploitable Bash Shell Vulnerability

Bash Bug or the GNU Bourne Again Shell is a newly found remotely exploitable vulnerability used as command-line shell in Linux and Unix which is making many a websites, servers, PCs, OS X Macs, etc. susceptible to cyber infiltrations.

Security researchers have titled the vulnerability (CVE-2014-6271) as Bash Bug or Shellshock and it affects versions 1.14 through 4.3 of GNU Bash.

How is Bash Bug Exploited?

In the process of exploiting this bash bug, a hacker would require to use specifically crafted variables for executing shell commands remotely on a target machine. In fact, in a number of common configurations, Bash Bug can be exploited over the network itself.
This relatively aged vulnerability is developed because of the way bash treats specially-formatted environment variables called – exported shell functions. When a function is assigned to a variable, trailing code in function definition is executed.

How Does Bash Bug Affect?

Bash Bug is not used by remote users directly but then it is a shared shell used for evaluating and executing commands from web server or mail server. This means that in case an application calls Bash shell command over CGI (Common-Gateway Interface) or web HTTP for letting a user to feed in data, the web server can be hacked.

How to Check for Vulnerable Shell?

Following code can be run on a Linux shell to determine if the system is at risk or not.
env X=”() { :;} ; echo shellshock” /bin/sh -c “echo completed”
env X=”() { :;} ; echo shellshock” `which bash` -c “echo completed”
In case the output throws a word — ‘Shellshock’, your system is indeed at risk.

Bash Bug Patch

To insure malware protection against any possible damage by Bash Bug, it is advised to disable all the CGI scripts that are being called on the shell. Though, even then it does not completely mitigate the vulnerability. Major operating systems and Linux distribution vendors have taken up to combat this critical vulnerability by releasing Bash software versions. These include:

  • Red Hat Enterprise Linux (versions 4 through 7) and the Fedora distribution
  • CentOS (versions 5 through 7)
  • Ubuntu 10.04 LTS, 12.04 LTS, and 14.04 LTS
  • Debian

Let us know what you think