DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
May 24, 2019 
Main Menu
News archives

Who's Online
There are currently 101 people online.


Latest Reviews
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset

Follow us

Nasty bug discovered in Linux Bash shell

Posted on Thursday, September 25 2014 @ 11:08:02 CEST by

Read Hat security researchers announced the discovery of a dangerous security vulnerability in Bash, a UNIX-like shell that is perhaps one of the most widely installed utilities on any Linux system. The bug opens the door for a wide variety of attacks, it arises when environment variables with specially-crafted values are created before the shell is invoked.

The vulnerability has been present in Linux software for two decades, so patching every instance of it may be easier said than done. Errata Security expert Robert David Graham mentioned on Twitter that the "bash bug" is probably a bigger deal than Heartbleed. Graham wrote on his blog that an enormous percentage of Linux software interacts with the shell in some fashion and he believes it will be impossible to catalogue all software out there that is vulnerable to the bash bug.
It's being called the Bash bug, or Shellshock. When accessed properly, the bug allows for an attacker's code to be executed as soon as the shell is invoked, leaving the door open for a wide variety of attacks. Worse yet, it appears the bug has been present in enterprise Linux software for a long time, so patching every instance may be easier said than done. Red Hat and Fedora have already released patches for the bug. The bug also affects OS X, and while the company has yet to release an official fix, this Stack Exchange post contains details on how Mac users can check for the vulnerability and patch it once identified.
Source: The Verge



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2019 DM Media Group bvba