DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
 
DarkVision Hardware - Daily tech news
November 21, 2018 
Main Menu
Home
Info
News archives
Articles
Howto
Reviews
 

Who's Online
There are currently 62 people online.

 

Latest Reviews
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
 

Follow us
RSS
 

Nasty bug discovered in Linux Bash shell

Posted on Thursday, September 25 2014 @ 11:08:02 CEST by


Read Hat security researchers announced the discovery of a dangerous security vulnerability in Bash, a UNIX-like shell that is perhaps one of the most widely installed utilities on any Linux system. The bug opens the door for a wide variety of attacks, it arises when environment variables with specially-crafted values are created before the shell is invoked.

The vulnerability has been present in Linux software for two decades, so patching every instance of it may be easier said than done. Errata Security expert Robert David Graham mentioned on Twitter that the "bash bug" is probably a bigger deal than Heartbleed. Graham wrote on his blog that an enormous percentage of Linux software interacts with the shell in some fashion and he believes it will be impossible to catalogue all software out there that is vulnerable to the bash bug.
It's being called the Bash bug, or Shellshock. When accessed properly, the bug allows for an attacker's code to be executed as soon as the shell is invoked, leaving the door open for a wide variety of attacks. Worse yet, it appears the bug has been present in enterprise Linux software for a long time, so patching every instance may be easier said than done. Red Hat and Fedora have already released patches for the bug. The bug also affects OS X, and while the company has yet to release an official fix, this Stack Exchange post contains details on how Mac users can check for the vulnerability and patch it once identified.
Source: The Verge



 



 

DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2018 DM Media Group bvba