How To Protect Against The ShellShock Bug

What is Shellshock?

Shellshock is a vulnerability bug in the Bash shell used by many Unix, Linux, as well as Apple Mac computers.

Shellshock gives attackers access to run commands and programs on a system.

Microsoft Windows machines are not affected.

If your system has not updated it’s Bash shell since September 28 2014  you may be vulnerable.

This vulnerability affects Bash shell versions 1.14 (released in 1994) up to the most recent version 4.3

Some analysts have warned that the “Shellshock” bug could be worse than the SSL Heartbleed bug which theoretically allowed attackers to take over websites. The bug has actually been existence since the early days of the Bash shell back in 1994 – some 20 years.

The US government National Vulnerability Database rates Shellshock at 10/10 for severity.

Note that the Bash bug is not a virus or trojan. It’s a bug in the program code of the Bash shell which can be exploited by intruders.

Bash is an acronym for “Bourne Again Shell”. It’s a command line “shell” or interface rather like MS-DOS or the CMD box in Windows, which permits users to issue commands to launch programs by typing in text.

The Bash shell is mostly used by programmers and system administrators.

As Apple Mac computers running OS X are also largely based on a variant of Unix, they also use the Bash shell. This means Apple machines are also at risk from the Shellshock bug.

The bug enables an attacker to execute commands or run programs via the Bash shell on the affected machine.

In theory this can mean almost anything is possible – reading, modifying or deleting data, emailing or transferring data across the Internet to other machines, deleting programs, running programs, installing programs or trojans to attack other computers.

In practice the possible damage an intruder can do may be limited. Having shell access is not the same as having root or admin access. But it’s a first step in that direction and one you definitely don’t want an intruder gaining on your computer.

What Should I Do About Shellshock?

Check your system and if it is shown to be vulnerable, update your Bash shell now.

You can use the online test tool at shellshocker.net to test if your system is vulnerable, and to find out how to patch your system so that you are no longer at risk.

Here’s a Simple Test You Can Run To See If Your Computer Is Affected By Shellshock

If you are familiar with the  command line shell interface, then there is a simple test you can apply to see if your computer is vulnerable.

Run the following lines in your default shell.

enter the following (you can copy and paste):

env x='() { :;}; echo vulnerable’ bash -c ‘echo safe’

If you see the word “vulnerable”, then your system is at risk. If not, then either your Bash is fixed or else your shell is using a command interpreter other than Bash.

, , , ,