TA14-268A: GNU Bourne Again Shell (Bash) ‘Shellshock’ Vulnerability (CVE-2014-6271,CVE-2014-7169)

The US-CERT has issued Shellshock as a critical vulnerability affecting Linux/UNIX operating systems and Apple’s MAC OS X. According to the US-CERT, if exploited, this vulnerability gives attackers the ability to remotely execute shell commands by attaching malicious code in environment variables used by the operating system.

Please read the attached link from the National Cyber Awareness System. Note this vulnerability is getting significant traction in the cyber security circles. Our Intrusion Prevention System (TippingPoint) filters have been updated as of 6:00a this morning, and we’ve been seeing increased activity throughout this morning.

Patches have been released to fix this vulnerability by major Linux vendors for affected versions. Solutions for CVE-2014-6271 do not completely resolve the vulnerability. It is advised to install existing patches and pay attention for updated patches to address CVE-2014-7169.

As of this morning, Apple has not commented on this vulnerability. Although individual workstations are not the primary target, we will keep an eye on this thread as more information becomes available. Please forward to staff who may have responsibility managing Linux-based systems.