A
new security vulnerability known as the Bash or Shellshock bug could
spell disaster for major digital companies, small-scale Web hosts and
even Internet-connected devices.
The quarter-century-old security
flaw allows malicious code execution within the bash shell (commonly
accessed through Command Prompt on PC or Mac's Terminal application) to
take over an operating system and access confidential information.
A
post from open-source software company Red Hat warned that "it is
common for a lot of programs to run Bash shell in the background," and
the bug is "triggered" when extra code is added within the lines of Bash
code.
Security
expert Robert Graham has warned that the Bash bug is bigger than
Heartbleed because "the bug interacts with other software in unexpected
ways" and because an "enormous percentage" of software interacts with
the shell.
"We'll never be able to catalogue all the software out
there that is vulnerable to the Bash bug," Graham said. "While the
known systems (like your Web server) are patched, unknown systems remain
unpatched. We see that with the Heartbleed bug: six months later,
hundreds of thousands of systems remain vulnerable."
FOR PRACTICAL DEMONSTRATION - VISIT THIS TUTORIAL
0 Visitor Reactions & Comments:
Post a Comment
For Guest Posts or your valuable suggestions... drop email on "[email protected]"