2
Shellshock Bug

Shellshock Bug

Updated Dec 04, 2014 at 05:45PM EST by Brad.

Added Sep 30, 2014 at 04:48PM EDT by Don.

PROTIP: Press 'i' to view the image gallery, 'v' to view the video gallery, or 'r' to view a random entry.

This submission is currently being researched & evaluated!

You can help confirm this entry by contributing facts, media, and other evidence of notability and mutation.

Overview

The Shellshock Bug is a security flaw in the Unix Bash Shell which can be used by attackers to grant unauthorized access to computer systems, including Apple's Macintosh computers and smartphones running the Android operating system. After it was discovered in early September 2014, reports of hackers using the bug to create bot nets for DDoS attacks began widely circulating online.

Background

In 1987, programmer Brian Fox wrote the Bash Shell as a free piece of software which was subsequently used on a variety of computer operating systems, including GNU, Linux and Mac OS X. In 1992, Fox handed over Bash to programmer Chet Ramey, who maintained the software as a hobby. According to an interview with the New York Times,[1] Ramey speculates he may have introduced the Shellshock bug in a software update after taking control of Bash that year. On September 12th, 2014, Ramey was contacted by programmer Stephane Chazelas about a Bash security flawed he dubbed "Bashdoor." On September 24th, Seclist[2] mailing list member Florian Weimer started a thread about the discovery, noting an official upstream patch would be released soon. That day, Twitter user Andreas Lindh[4] posted a tweet referring to the bug as "Shellshock" (shown below).


davi (德海) @daviottenheimer , Sep 24 RT @ErrataRob Blog post: Bash bug as big as Heartbleed: blog.erratasec.com/2014/09/bash-b. nice. but it's not big until there's a logo I IN Andreas Lindh @addelindh Follow @daviottenheimer @ErrataRob FTFY わReply Retweet * Favorite More RETWEETS FAVORITES 15 2:16 PM-24 Sep 2014

Notable Developments

Compromised Machine Reports

By September 25th, reports began circulating that hackers were attempting to exploit the vulnerability with malware titled "Bashlite." That day, the software security company Kapersky Labs claimed three machines had been compromised and were carrying out DDoS attacks against various unidentified targets.[3] On September 26th, the network security company Incapsula reported that upwards of 17,000 attacks were being carried out against more than 1,800 web domains in the United States and China over the past 24 hours.[5]

Apple Statement

On September 26th, Apple released a statement informing Mac OS X users that the "vast majority" were not at risk to the being compromised by the bug:

"The vast majority of OS X users are not at risk to recently reported bash vulnerabilities… With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services. We are working to quickly provide a software update for our advanced UNIX users."[6]

Search Interest

External References

[1] New York Times – Security Experts Expect Shellshock Software Bug in Bash to Be Significant

[2] Seclist – CVE-2014-6271 remote code execution through bash

[3] Wired – Hackers Are Already Using the Shellshock Bug to Launch Botnet Attacks

[4] Twitter – @addelindh

[5] New York Times – Companies Rush to Fix Shellshock Software Bug

[6] Macworld – Apple says most Mac users are safe from Shellshock Bash bug

Recent Videos

There are no videos currently available.

Recent Images 1 total

     

Top Comments


+ Add a Comment

Comments (14)


Display Comments

Add a Comment


Greetings! You must login or signup first!