Posted by & filed under List Posts.

The Shellshock bug exploits a vulnerability found in Bash. Bash is a commonly used command shell that is found in many Linux distributions. Throughout the UNIX world, Bash is very widely used, so this bug and its resulting exploit have the capacity to compromise hundreds of millions of servers.

shellshock
When Bash initializes, a series of checks are put in place to prevent unauthorized commands and uses from occurring. On an unpatched server, Shellshock allows a hacker to execute commands prior to complete initialization of the Bash shell. Anyone using Shellshock would still have to operate within most of the security parameters utilized by the kernel within the vulnerable server. However, the bug could allow an attacker to circumvent application level security measures and allow reading and writing of files accessed by the shell.

Much has been written about the severity of this exploit. It has been compared to the recent Heartbleed exploit that caused many sleepless nights for admins and server owners everywhere. Comparing Heartbleed and Shellshock is tricky business though. Unlike Heartbleed, Shellshock is *not* a root level exploit and no system level files could be directly compromised. But, user data *could* be compromised. The ubiquity of Bash across a vast swathe of servers on the internet makes the scope of this exploit massive.

Is there a fix?
Shellshock is an application level bug and does not effect the kernel. This makes fixing it a simpler proposition as only a specific application requires a patch. The first round of patches that were published were not sufficient to fully remedy the situation. But, after the second round of patches, our admin team has successfully patched all of the servers under that we manage.

If you utilize one of our management packages your server has already been patched by our technicians. If you would like more information about our management plans, or to sign up, please contact sales@totalserversolutions.com or visit https://totalserversolutions.com/server-management.php

More information about this vulnerability can be found here:
https://access.redhat.com/articles/1200223
https://access.redhat.com/announcements/1210053