Lighthouse Technology Solutions Blog

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Archives
    Archives Contains a list of blog posts that were created previously.
Posted by on in Alerts

Alert: Don’t Get Hit with Shellshock by the New Bash Bug

b2ap3_thumbnail_alert_bash_bug_400.jpgA new malicious threat in the technical marketplace has just been discovered. The bug, dubbed the Bash bug, or "shellshock," is on the loose for users of Unix-based operating systems, like Linux or Mac OS X. It allows the execution of arbitrary code on affected systems, and could potentially be very dangerous for your business. In fact, CNet is calling it "bigger than Heartbleed."

Bash, which is commonly referred to as "Bourne again shell," is a staple feature of most utilities in Unix-based operating systems. RedHat's official security blog details the nature of the bug in the Bash shell:

In Linux, environment variables provide a way to influence the behavior of software on the system. They typically consist of a name which has a value assigned to it. The same is true of the Bash shell. It is common for a lot of programs to run bash shell in the background. It is often used to provide a shell to a remote user (via ssh, telnet, for example), provide a parser for CGI scripts (Apache, etc) or even provide limited command execution support (git, etc).

The problem is found in the environmental variables with specific values being used before the bash shell is summoned. These variables can contain code which is executed as soon as the bash shell is called. The name doesn't matter, so the content could be disguised as another, non-malicious variable. The most concerning vulnerability this bug provides is the ability for remote users to execute malicious code before the bash shell is activated.

Attacks have already been reported utilizing this vulnerability for a number of functions, including denial of service attacks and password-guessing bots, which randomly input poor password choices on unprotected servers. Researcher Robert Graham has located at least 3,000 systems vulnerable to the bug with a fairly specific search, and it is estimated that several times more machines could be vulnerable to this bug. This makes the threat very real, and if you use Linux or Mac OS X, your business's networks and data are at risk.

The threat is such a big deal that the United States Computer Emergency Readiness Team (US-CERT) has warned the public to download the patch before it infects their systems. To put it in perspective, the last vulnerability to make "Alert" status was the Backoff Point-of-Sale malware discovered in late July this year, which was able to steal sensitive information through sales terminals across the world.

While a patch has been released, it doesn't fix all vulnerabilities presented by the bug. However, it is still recommended by RedHat that you acquire the partial patch until the complete one has been issued. For help acquiring the patch, call Lighthouse Technology Solutions at 703-533-LTSI (5874). We'll apply it remotely so you have to worry as little as possible.

Tagged in: Alert Malware Security

With over 15 users experience of providing IT solutions and advice. Mixing innovations in technlogy with clients requirements is rewarding and inspiring when we sit down to measure the results.

Comments

  • No comments made yet. Be the first to submit a comment

Leave your comment

Guest Wednesday, 21 August 2019

EasyBlog Latest Blogs

Things That Go Bump in the Server Closet
Miscellaneous
Halloween is a time to conjure up things that give people the creeps. Scary sounds are just one way to send shivers up the spine. Sounds like, howling werewolves, zombie groans, chainsaws, and bloodc...
Continue Reading...

Latest News

Our Site Has Launched!

flag

Welcome to Our New Site!
We are proud to announce the unveiling of our new website at Lighthouse Technology Solutions!

Read more...

Contact Us

Learn more about what Lighthouse Technology Solutions can do for your business.

callphone

Call us today
703-533-LTSI (5874)

119 Lounsbury Place
Falls Church, Virginia 22046