Shellshock, worse than Heartbleed on Linux and Mac

Remember Heartbleed? A major flaw has just been discovered in Unix-based systems, specifically in the Bash shell. It is called Shellshock and has been present for a long time. It is considered much riskier than Heartbleed because it can affect countless devices; in fact, most technology is based on this shell: routers, PCs, webcams, servers, etc. Although Red Hat and Fedora have already released a first patch to work around this bug, many devices may remain at risk forever because, as we know, dated devices do not receive firmware updates, much less a patch.

The bug is easy to exploit: running a few lines is enough. A simple script could therefore infect and damage multiple PCs, devices and even servers.

Bug verification

To find out whether your system is affected, open a terminal and run

env x='() { :;}; echo vulnerable' bash -c "echo test Shellshock"

The word vulnerable will appear if the system is affected; otherwise you will see the following lines

bash: warning: x: ignoring function definition
bash: error importing function definition for `x'
test Shellshock

At this point, updating the system should be enough to get the patch, and more patches will probably follow in the coming days.

As for Macs, the verification is identical, but the patch has not been released yet. It is, however, possible to try recompiling Bash.
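
An added example, not part of the original post: the same check applied to every Bash binary listed in /etc/shells or found on PATH, which is useful after recompiling Bash by hand because an older copy can remain installed next to the new one. The function names and the probe-done marker are chosen here for illustration.

```shell
#!/bin/sh
# Added example: apply the page's Shellshock check to every bash binary found.
# check_bash, find_bash_binaries, scan_all and "probe-done" are names chosen here.

# Print "vulnerable", "patched" or "error" for one bash binary.
check_bash() {
    bash_bin=$1
    [ -x "$bash_bin" ] || { echo error; return 0; }
    # Same probe as the one-liner: a function definition in the environment
    # with a trailing command. An unpatched bash runs that trailing echo
    # while importing x, before it reaches the -c command.
    out=$(env x='() { :;}; echo vulnerable' "$bash_bin" -c 'echo probe-done' 2>/dev/null) || true
    case $out in
        *vulnerable*) echo vulnerable ;;
        *probe-done*) echo patched ;;
        *) echo error ;;
    esac
}

# List candidate binaries: bash entries in /etc/shells plus every PATH hit.
find_bash_binaries() {
    {
        if [ -r /etc/shells ]; then
            grep -E '^/.*/bash$' /etc/shells || true
        fi
        old_ifs=$IFS
        IFS=:
        for dir in $PATH; do
            if [ -x "$dir/bash" ]; then echo "$dir/bash"; fi
        done
        IFS=$old_ifs
    } | sort -u
}

# Report each binary; return 1 if any of them is vulnerable.
# Assumes the paths contain no whitespace.
scan_all() {
    status=0
    for b in $(find_bash_binaries); do
        result=$(check_bash "$b")
        echo "$b: $result"
        if [ "$result" = vulnerable ]; then status=1; fi
    done
    return $status
}

scan_all
```

The script prints one line per binary and scan_all returns a non-zero status if any copy is still vulnerable.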

More info: RedHat

