Critical vulnerability called "Shellshock”

01 Oct 2014

Critical vulnerability called "Shellshock"(CVE-2014-6271) has been found in Linux operating system. Vulnerability exists in a cover command called “Bash” which is widely used in Linux operating system.

According to 10-point rating scale of vulnerabilities by National Institute of Standards and Technology, USA (NIST), "Shellshock" was estimated with 10 point. Being aware of this vulnerability malicious people use this for computers’ remote capture and control.

To check wheather there is vulnerabilty in an operating system, we need to write the following command in the terminal.

env x='() { :;}; echo

This text was recorded for security check. If you see this text it means that there is vulnerability' bash -c ‘echo test’

If there is any vulnerability, the following rows will display

This text was recorded for security check. If you see this text, it means there is vulnerability in your system.

test

If there is no vulnerability, the following rows will display:

bash: warning: x: ignoring function definition attempt

bash: error importing function definition for `x'

test

It’s recommended to the Linux operating systems(especially Ubuntu and Debian versions) users to update “Bash” cover as soon as possible.

Alerts

Critical vulnerability called "Shellshock”

Other News

Remote Code Execution (RCE) vulnerability on WhatsApp

Vulnerability in the jQuery library

Remote Code Execution Vulnerability in Apache Tomcat

Vulnerabilities in WPA3

Million users impacted by new SimBad Android adware

VPNFilter malware infects half a million routers!

It's recommended to apply security patches in Adobe-Adobe Releases Security Updates

Blue Whale Game

Bad Rabbit Ransomware