New Shellshock Vulnerability

What is shellshock?

Shellshock, a serious vulnerability discovered in Bash, a popular command-line shell for Linux/UNIX operting systems and Apple’s Mac OS X, has started to pose a security threat. Bash is a widely used system, so shellshock affects a wide range of servers, computers and digital devices and all need to be fixed promptly to prevent leaked information and malicious intent.

In most Linux systems and some BSD Mac servers and computers, a program called Bash, also known as Bourne Again Shell, is used to instruct the operating system of its next function, basically the primary way you give your server commands. It is how you manage your server manually 90% of the time. Linux on its own launches operations using bash. A flaw has been discovered in the processing command that allows remote attackers to add unwanted malicious code to the environment, which enables network-based exploitation. This is an open avenue allowing worms and malware to hit your UNIX, Linux or Mac servers. The execution of an attack is simple, as there is no required authentication needed to exploit Bash. Access is easy to obtain.

All Netsonic shared servers have been patched as soon as the issue was identified which fixed the vulnerability. However, if you are currently hosting a dedicated, flex or cloud server containing Bash with Netsonic, this vulnerability affects you. If you need assistance or help with this and do not have our managed service subscription, we are happy to assist under our hourly admin service rates. Click here to submit a request to a technician. To find out more please read the CERT (Computer Emergency Readiness Team).

As always, please continue to perform high security practices by using strong passwords and keeping all patches up-to-date.