Home >> Internet >> What makes Shellshock extremely dangerous?

What makes Shellshock extremely dangerous?


While some people are still recovering from the losses incurred due to Heartbleed, the internet world faces another crisis named Shellshock. Shellshock is the latest threat that the online world is facing and it has ‘shocked’ quite a few already. The scenario with Shellshock is very much similar to that of Heartbleed. The technicalities involved is such that it explains the way it work and the risks that it poses to the world of the Internet.What makes Shellshock extremely dangerous?

What is Shellshock?

In very simple words, Shellshock is a vulnerability in Bash. Bash is a system software which is used by billions of computers all across the globe. Since, Shellshock is a vulnerability in Bash, it leaves the billions of computers with the potential threat of an attack from external sources. The possibility is that it leaves the hacker open to execute any command that he wants once he gains access to your system. Bash is a very important component of OS X, Linux and some versions of Unix. Although Windows does not have a direct use of Bash but at times the system software is used in Windows as well. Bash is not just a command interpreter, it is also used at times in various scripts which are to be executed on the server.

<

Shellshock and Bash: The Problem

The main issue with Bash is that whenever some specific characters are included as a part of variable definition, any arbitrary code which follows the definition gets executed. For example, if { :;}; is used in a variable definition, the code inserted after the definition is executed automatically. This is the phenomenon which should not be happening. This is where the hacker can easily get into your system and inject an unwanted code leading to further complications.

Which versions of Bash are affected?

This is where the issue gets really aggregated. According to the reports, each and every Bash version up to 4.3 is vulnerable to the threat posed by Shellshock. It is not the case that Bash always comes with the Operating system, many other programs also use bash. With bash working on literally on the majority of the web servers, the Internet is under some serious threat.

Source ]


About Wayne Murphy

wmurphy@thenextdigit.com'
Writer and specialized in Mobile Phones (iOS, Android, BB etc), who was with the TND team since it's inception. Other than Blogging, he is also pursuing his graduation on Business Management at CA, California University. All posts by Wayne

Fatal error: Uncaught Exception: 12: REST API is deprecated for versions v2.1 and higher (12) thrown in /home/nitin198/public_html/wp-content/plugins/seo-facebook-comments/facebook/base_facebook.php on line 1273