News

Bash Vulnerability Lets Attacker Run Code on Linux and OS X

By admin
Spread the love

A vulnerability allows attackers to inject code into the Bash shell, which is used by OS X and virtually all Linux distributions. As a result, an attacker could, for example, run his own code on a system via a vulnerable CGI script.

The vulnerability can be exploited by adding a number of characters, followed by code, to an environment variable, Red Hat writes on its security blog. As soon as a bash session is opened, that code appears to be executed.

The bash shell is present in OS X and almost all Linux distributions and allows the user to execute command-line instructions. Also software can use the shell to execute instructions. The Linux-based Android is not vulnerable by default, unless a user has installed bash himself, for example via a custom rom. A patch for the Linux version of bash is available; not yet for OS X. Various distributions such as Debian and Ubuntu already have an update ready for users to install.

The vulnerability can be exploited in various ways; bash shells, for example, can be opened by a cgi script. Thus, when a website uses a cgi script with a bash shell, that website is potentially vulnerable to code execution.

Security researcher Robert Graham calls the bug in bash “as big as Heartbleed,” a vulnerability in OpenSSL that could read part of the contents of a server’s internal memory. That’s because there are so many different ways Linux software interacts with bash, Graham says. “We will never be able to phase out all software that is vulnerable to the bash bug,” he writes.

PHP scripts that use shell are not vulnerable, as long as the php scripts are called via mod_php. DHCP clients are vulnerable: DHCP servers could potentially inject code into a system, executing commands as root. This is a danger on public Wi-Fi hotspots, for example, provided the user uses a Linux distribution with bash. Routers’ web interfaces that provide the ability to perform pings and traceroutes are also likely to be vulnerable.

Researcher Graham states that devices with their own web server on board, such as webcams, are also vulnerable, because they often rely on bash scripts that are controlled via a website. Moreover, the bug is not only present in recent versions of bash: the bug has been present for a long time. “The number of systems to patch is therefore much greater than with the Heartbleed bug,” Graham writes.

Users who want to know if their system is vulnerable can perform a simple test by running the code env x='() { :;}; echo vulnerable’ bash -c “echo this is a test” in a shell. If ‘vulnerable’ is shown, the system in question is vulnerable.

You might also like
News

Samsung brings mobile browser to Windows PC

Social Media

Twitter is really going to disappear now: soon you won’t be able to go to…

Technology

Google has unveiled an algorithm that can solve problems 13,000 times faster than a…

Social Media

Facebook lets its AI sniff through your gallery if you want it to

Review

iPhone 17 Pro review: Power, color and top-level cameras

News

AI image maker Nano Banana comes to AI Mode and Lens

Exit mobile version