• New Vulnerability Found in Bash Command Line for Linux and Mac OS X



    Red Hat, which consists of a team of security researchers, have recently uncovered a new exploit found in the common “Bash” command shell. The “Bash” command shell found in OS X and Linux can be used to send out malicious code with very little effort. This particular exploit has determined to be one that can affect a wide variety of different web-connected devices and properties, ranging anywhere from unsecured websites to servers and more. According to security researcher, Robert Graham, the Bash exploit is one that is “as big as Heartbleed.”

    For those of you who don’t remember Heartbleed, it was the flaw that was discovered earlier this year in the OpenSSL software which helps to secure connections between clients and servers. Heartbleed reportedly affected roughly 66% of the Internet, although Apple announced in April that the exploit didn’t have any effect on their software or any of their “key services.” The Cupertino California company also updated both AirPort Extreme and Time Capsule to better secure both web devices against Heartbleed.

    Another thing to note about the Bash exploit is that Apple didn’t include a fix for the bug in its latest round of security updates which were released alongside OS X Mavericks 10.9.5 last week. That being said, there still is a possibility that Apple might release a fix for OS X to address the exploit in the near future. The Cupertino California company has done this for other security in the past and may possibly do it for the Bash exploit their next update.

    Source: Apple (Support), Errata Security (blog), Redhat (blog), Robert Graham (Twitter), StackExchange
    This article was originally published in forum thread: New Vulnerability Found in Bash Command Line for Linux and Mac OS X started by Akshay Masand View original post
  • Connect With Us

  • Twitter Box

  • Facebook