Thursday, September 25, 2014

SECURITY ALERT (2014-09-24): Bash Bug!

Bash, the command-line shell used in many Linux/Unix systems, may be vulnerable!

The bug, discovered by Stephane Schazelas, is related to how Bash processes environmental variables passed by the operating system or by a program calling a Bash-based script. If Bash has been configured as the default system shell, it can be used by network–based attackers against servers and other Unix and Linux devices via Web requests, secure shell, telnet sessions, or other programs that use Bash to execute scripts.
 Patches have been released for many *nix systems.

If you use apt-get for updates please goto your command line and run...

apt-get install bash

and fix it up quick.