Researchers on Thursday discovered proof-of-concept code that could take advantage of unpatched computer systems, and found evidence of attacks exploiting the BASH Shellshock bug in the wild. Shellshock, revealed Wednesday, could become a major threat to Linux/Unix and Apple operating systems if published patches to BASH are not applied before an attacker cashes in. However, there’s some concern that the current patches may not be complete. The U.S. Computer Emergency Readiness Team on Thursday issued a warning about the vulnerability.
This security issue led me to inspect my new employer's own web services.
It turns out that we have an old SSI WEB application - that's right, server side includes! - and it is easy to compromise it with just a tiny bit of knowledge.
Fortunately for us it is behind a paywall which inadvertently provides a little more security. But others should definitely watch out for this kind of old software as once someone gets in there it will be like falling on a spinning saw blade with 4 inch sawtooths: UGLY.
Loading ...
Bash Shellshock Bug Patched but Not Pummeled
Posted by: Jack M. Germain September 25, 2014 03:21 PMResearchers on Thursday discovered proof-of-concept code that could take advantage of unpatched computer systems, and found evidence of attacks exploiting the BASH Shellshock bug in the wild. Shellshock, revealed Wednesday, could become a major threat to Linux/Unix and Apple operating systems if published patches to BASH are not applied before an attacker cashes in. However, there’s some concern that the current patches may not be complete. The U.S. Computer Emergency Readiness Team on Thursday issued a warning about the vulnerability.
It turns out that we have an old SSI WEB application - that's right, server side includes! - and it is easy to compromise it with just a tiny bit of knowledge.
Fortunately for us it is behind a paywall which inadvertently provides a little more security. But others should definitely watch out for this kind of old software as once someone gets in there it will be like falling on a spinning saw blade with 4 inch sawtooths: UGLY.