A major vulnerability has been discovered that targets bash, the Unix system (including OSX) and Linux commands interpreter. Apparently, this security flaw is also affecting other interpreters, such as ksh, tcsh, zsh and csh. Nevertheless, other shells aren't being affected.
UDS Enterprise servers aren't vulnerable to this fail, so the security of the virrual machines which provide UDS Enterprise remains unaltered.
This vulnerability has been registed as CVE-2014-6271 and it allows to execute certain commands due to the wrong process of the environment variables. Besides, it may be exploited remotely.
The problem lies in the fact that, as all interpreted languages, bash allows functions which are not properly validated when they are storaged in a variable.
You can find more information about this problem here:
Bash specially-crafted environment variables code injection attack
Virtual desktop infrastructure plays a fundamental role in remote and hybrid work models by providing workers with flexibility and mobility without compromising security or performance.
The term “Cloud Computing” refers to the use of computing resources (servers, storage, computing capacity, databases, networks, software) over the Internet.
Discover the advantages of virtual desktops: the solution that redefines remote work by allowing access to the work environment at any time, from anywhere, and from any device.
We explain in depth what Virtual Desktop Infrastructure (VDI) is, its advantages, types, implementation and how you can digitize your company’s workplaces with this solution.
Much of the success of technological evolution goes through virtualization. A concept that, outside the technical world, is becoming more widespread. It hides a power that, up to now, we have only timidly begun to explore.
In recent years, much has been written about the advantages of virtualization and the many benefits it brings to companies; especially, after the strong irruption of remote working driven by the pandemic.
Stay up to date with all the news from UDS ENTERPRISE through our social networks.
0 Comments