The
flaw has been found in a software component known as Bash, which is a
part of many Linux systems as well as Apple's Mac operating system.
The
bug called Shellshock, can be used to take control of almost any
system remotely using Bash (Bourne-Again Shell, a command prompt on
many Unix computers. Unix is an operating system on which many others
are built, such as Linux and Mac OS.).
500,000
machines worldwide are thought to be vulnerable to Heartbleed. But
early estimates, which experts said were conservative, suggest that
Shellshock could hit at least 500 million machines.
US
Cert issued an advisory here:
https://www.us-cert.gov/ncas/current-activity/2014/09/24/Bourne-Again-Shell-Bash-Remote-Code-Execution-Vulnerability
You
can check to see if your system is vulnerable here:
https://shellshocker.net/
No comments:
Post a Comment