September 24th 2014 marked the announcement of a remote code execution vulnerability (CVE-2014-6271) in the Linux Bourne-Again SHell (BASH).
Since vulnerability announcements are a daily occurrence, how concerned should you be?
The answer is: very.
There are three factors you need to consider:
1. How easy is it for an attacker to launch?
2. How much damage can be caused?
3. How many systems are affected?
On the first two factors: this vulnerability has very low complexity to launch, requires no authentication, and can be triggered across the Internet. Once launched, it gives the attacker the ability to read and write your files and to execute arbitrary code.
On the third: BASH has been the de facto shell for Linux for many years. Some modern distributions are moving to alternative shell programs, but BASH is still readily enabled to ensure backward compatibility with existing programs, so the number of exposed systems is very large.
Given this, it should be no surprise that this vulnerability scores the maximum 10/10 for severity.
At this time DOSarrest has conducted an exhaustive audit of our systems and has found no evidence that we are impacted by this vulnerability, due to the restricted access and privilege levels enforced on our servers. As the situation is fluid, we are continuing to monitor and evaluate the latest information on this CVE and are proactively applying the relevant patches as they become available.
We urge everyone, in the strongest possible terms, to follow suit to ensure you are not affected.
Sean Power,
DOSarrest Internet Security LTD.