Jump to content

Shellshock vulnerability

Add links
From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by NicatronTg (talk | contribs) at 13:54, 25 September 2014 (Added {{copypaste}} tag to article (TW)). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Shellshock vulnerability (aka CVE-2014-6271) is a new exploit for Bash that is prevalent and dangerous. It is in the news today and has a high potential for worm attacks.

It is a “10 out of 10” for severity or in other words, as bad as it gets. This is compounded by the fact that it’s easy to execute the attack (access complexity is low) and perhaps most significantly, there is no authentication required when exploiting Bash via CGI scripts.

The potential is enormous – “getting shell” on a box has always been a major win for an attacker because of the control it offers them over the target environment. Access to internal data, reconfiguration of environments, publication of their own malicious code etc. It’s almost limitless and it’s also readily automatable. There are many, many examples of exploits out there already that could easily be fired off against a large volume of machines.

Unfortunately when it comes to arbitrary code execution in a shell on up to half the websites on the internet, the potential is pretty broad. One of the obvious (and particularly nasty) ones is dumping internal files for public retrieval. Password files and configuration files with credentials are the obvious ones, but could conceivably extend to any other files on the system.



References

Retrieved from "https://en.wikipedia.org/w/index.php?title=Shellshock_vulnerability&oldid=627027969"