By now, you may have heard about CVE-2014-6271, also known as “Shellshock”, which may affect your organization. It is rated the maximum CVSS score of 10 for impact and ease of exploitability. The affected software, Bash (the Bourne Again SHell), is present on most Linux, BSD, and Unix-like systems, including Mac OS X. New packages were released today, but further investigation made it clear that the patched version may still be exploitable, and at the very least can be crashed due to a null pointer exception.
In an effort to keep our customers and the security community informed, we have released this threat advisory. We will continue to keep you informed as more information becomes available. In the meantime, we’ve included some information below.
How to protect?
The most straightforward answer is to deploy the patches that have been released as soon as possible. If you have systems that cannot be patched (for example, systems that are End-of-Life), it is critical that they are protected behind a firewall with a restrictive rule set, and that you test whether that firewall actually blocks access to the exposed services rather than assuming it does.
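Before and after deploying the patches, it is worth confirming on each host whether the installed bash still imports function definitions from the environment. The script below is an added example for this advisory, not Rewterz tooling: it wraps the widely circulated one-line self-check in a POSIX sh function, so it can be run from a configuration-management job or an inventory script across a fleet. The path argument and the marker string are assumptions chosen for this example. It reports "vulnerable" if the trailing command inside the crafted variable is executed when bash starts, "patched" if bash ignores it, and "bash-not-found" if no executable bash is present.

```shell
#!/bin/sh
# Added example: local self-check for the Shellshock (CVE-2014-6271) behaviour.
# A vulnerable bash, while importing its environment, parses a variable whose
# value begins with "() {" as an exported function AND keeps executing whatever
# follows the closing brace. A fixed bash stops at the function body.
#
# Usage: check_shellshock [path-to-bash]   (path is optional; assumed argument)
check_shellshock() {
    bash_bin="${1:-$(command -v bash 2>/dev/null)}"
    if [ -z "$bash_bin" ] || [ ! -x "$bash_bin" ]; then
        echo "bash-not-found"
        return 0
    fi

    # SHELLSHOCK_MARKER is a constructed marker; it only reaches stdout if the
    # trailing "echo" in the variable value was executed during startup.
    # A patched bash prints a warning on stderr instead, which we discard.
    out=$(env x='() { :;}; echo SHELLSHOCK_MARKER' "$bash_bin" -c 'echo probe' 2>/dev/null)

    case "$out" in
        *SHELLSHOCK_MARKER*) echo "vulnerable" ;;
        *)                   echo "patched" ;;
    esac
    return 0
}

# Report the bash build alongside the verdict so results can be correlated
# with the package version recorded by the inventory system.
report_shellshock() {
    bash_bin="${1:-$(command -v bash 2>/dev/null)}"
    verdict=$(check_shellshock "$bash_bin")
    if [ "$verdict" = "bash-not-found" ]; then
        echo "$(hostname) no-bash $verdict"
        return 0
    fi
    version=$("$bash_bin" --version 2>/dev/null | head -n 1)
    echo "$(hostname) [$version] $verdict"
}

# Stand-alone run: print one line per host for the asset inventory.
report_shellshock "$@"
```

Because the check only asks the local bash to start with a specially shaped environment variable, it does not touch any network service; pair it with a review of which services (CGI scripts, SSH forced commands, DHCP clients) pass attacker-controlled data into the environment of a bash process, since those are the paths that turn the behaviour into remote code execution.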
How can we help?
Rewterz’s Penetration Testing team can assist you with the detection and verification of these issues. We strongly recommend that you test your systems as soon as possible and deploy any necessary mitigations. If you would like some advice on how to handle this situation, our team can help.