Yesterday, the existence of the Shell Shock -bug to light. The bug is a leak in the Bash shell on Linux and OS X. The Bash shell is a command line program that Windows users can best be compared to the command-line or powershell. In the shell, a user can type commands, which are then interpreted by the system. However, the shell is widespread and integrated into many devices, including the web servers of webcams and routers.
The leak in the Bash shell allows hackers to inject giving them commands can execute and devices to remote code take over. Security professionals have now discovered that hackers do not even a day after the unveiling of the leak all their best to penetrate. Systems within They found code that clearly aim the outside. Shell Shock-bug
In addition to code an outright attack on the Bash shell was also discovered. The malware that was used for this purpose had multiple functions on board, including the ability to perform DDoS attacks and hacking tool that goes along vulnerable servers and then trying to access with the obvious passwords.
Patch
Fortunately, even the defense on their toes. Red Hat released yesterday an update that makes Shellshock partially harmless. However, the patch was inadequate, so the Bash shell was still vulnerable. Meanwhile, Red Hat also came with a patch for the patch to come, and the problem would be largely solved
An effort was needed:. Researcher Robert Graham claims that for at least 3000 systems vulnerable to attack. However, that number is very conservative, he gives himself to. A more detailed scan would bring in his more computers and embedded Web servers with the leak to light. Especially the latter are very vulnerable. Updating is
the message.
No comments:
Post a Comment