Over the last week, several vulnerabilities in GNU Bash have been discovered and are being referred to as “Shellshock”. Using these vulnerabilities an attacker can remotely execute commands, thereby compromising the machine. To make matters worse, many common configurations provide vectors for this attack, making it a serious problem.
Many Linux distributions have already provided patched software, so the best thing you can do is bring your systems up to date. We have published a guide to help determine if your server is vulnerable and how to update Bash:
Please do not hesitate to open a support ticket if you have any additional questions or concerns.
Filed under: announcements by tasaro