Shellshock exploit rocks the Internet ( Linux and Mac )

A serious Bash vulnerability have been discovered on Wednesday (first public mention of it seems to be this post on seclist continuing here with more details). This allows an attacker to execute any code on a vulnerable server. This is even more serious than the heartbleed vulnerability that swept through the Internet couple of months ago.

This is not a WordPress vulnerability, but a server vulnerability. It threatens to become one of the most widespread exploits with serious security implications.

 

Every Mac and Linux Is Vulnerable to the Shellshock Bash Exploit!

 

The Test Command

In a Terminal window, type in the following command into the shell, followed by the Enter key. Terminal can be found in Utilities in your Applications folders, or via a quick Spotlight search.

env x='() { :;}; echo vulnerable’ bash -c “echo this is a test”

The Good Result

If your system is not vulnerable to the Shellshock bug, it will return something similar to the below output.

bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x’
this is a test

The Bad Result

If your system is indeed infected by Shellshock, you’ll see the following instead.

vulnerable
this is a test

 

 

 

 

 

 

 

 

 

 

 

Adwebvertising has patched all its servers for this exploit.

Share