A major vulnerability has been discovered that targets bash, the Unix system (including OSX) and Linux commands interpreter. Apparently, this security flaw is also affecting other interpreters, such as ksh, tcsh, zsh and csh. Nevertheless, other shells aren't being affected.
UDS Enterprise servers aren't vulnerable to this fail, so the security of the virrual machines which provide UDS Enterprise remains unaltered.
This vulnerability has been registed as CVE-2014-6271 and it allows to execute certain commands due to the wrong process of the environment variables. Besides, it may be exploited remotely.
0 Comments