Major vulnerability found in bash

by | Sep 26, 2014

A major vulnerability has been discovered that targets bash, the Unix system (including OSX) and Linux commands interpreter. Apparently, this security flaw is also affecting other interpreters, such as ksh, tcsh, zsh and csh. Nevertheless, other shells aren't being affected.

UDS Enterprise servers aren't vulnerable to this fail, so the security of the virrual machines which provide UDS Enterprise remains unaltered.

This vulnerability has been registed as CVE-2014-6271 and it allows to execute certain commands due to the wrong process of the environment variables. Besides, it may be exploited remotely.

The problem lies in the fact that, as all interpreted languages, bash allows functions which are not properly validated when they are storaged in a variable.

You can find more information about this problem here:

Bash specially-crafted environment variables code injection attack

SHARE

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Recent posts

On-premises vs. cloud: Which is better for your business?

The choice of technology infrastructure is crucial for the growth and competitiveness of businesses. This article analyzes the advantages and disadvantages of “on-premises” and “cloud computing” models, focusing on aspects such as costs, scalability, security, and management.

Archives


Stay up to date with all the news from UDS ENTERPRISE through our social networks. Follow us!

Skip to content