Select Page

What Does Shellshock Mean for My Enterprise Linux Operating System?

Author: John Kaufling | | October 30, 2014

A critical vulnerability in the Bash command-line shell engendered concern in its wake, but what does the discovery of Shellshock mean for my enterprise?

What is Shellshock?

Shellshock is a wide-spread vulnerability affecting versions of GNU Bash through 4.3. It has been found in the wild, specifically in active exploits against web servers.

Dan Timpson, vice president of technology at digital certificate authority DigiCert, explains on the company’s blog

Bash is a command-line shell used in many Linux and UNIX operating systems. … While Bash is often thought of as simply a local shell, it is arguably one of the most installed utilities in any Linux system. Many applications invoke Bash to run external commands, like CGI scripts—and this is where Shellshock comes in.

When Bash is called in an infected system, an attacker could leverage the vulnerability to cause Bash to execute any commands in the malicious environment configured. Some OpenSSH configuration and DHCP clients may also be affected by Shellshock. A successful attack could affect systems in various ways. In addition to crashing or hosting malware, an infected system could be used by an attacker to breach systems and obtain sensitive data and network access credentials.

Security experts note that there are specific conditions that must exist in the infected system for this to occur. Regardless, they encourage users to install all patches for Linux and other systems using Bash. They also recommend that system administrators install the latest intrusion detection signatures to detect and block any attempts to exploit system vulnerabilities.

Bash Patches

Vendors including Cisco, Juniper Networks, Hewlett-Packard, and Oracle issued security updates for their products as a result. Networking gear was particularly vulnerable according to CRN, which reported:

Cisco Systems identified dozens of networking devices, firewalls and other gear that are impacted by the vulnerability. Users of networking gear from Fortinet, F5 Networks, Dell, Check Point, Blue Coat and Barracuda Networks are also impacted by the flaw.

Oracle has generated a list of products that are affected by Shellshock vulnerabilities, or might be affected by them, along with a list of Oracle products that have fixes available. The list includes products by PeopleSoft, Sun, Pillar and other Oracle brands.

There’s really nothing to be gained by panicking. If your organization is proactively installing upgrades and updates for software and hardware and following industry best practices on network security, there is most likely no need for extraordinary measures.

How to Check for Bad Bash

You may wish to check your system regardless. To determine whether the servers for which you are responsible may be vulnerable, ReadWrite suggests opening your Terminal program and entering the following:

$ bash –version

To search for the bug, type:

$ env X=”() { :;} ; echo vulnerable” /bin/sh -c “echo stuff”

If the response is “vulnerable stuff,” then it contains the vulnerability.

This is one of several recently-discovered vulnerabilities found in Bash. Some are very closely related and are, as a result, being lumped under the Shellshock rubric.

If you or your colleagues observe an unexplained spike in traffic on a specific server, odd changes in system CPU/memory usage, suspicious connections and processes, and similar activity, your system may be infected.

For the latest information on this and other security issues, visit the United States Computer Emergency Readiness website.

Should you need more specific assistance, please contact Datavail for more information on how we might best support you and your organization with custom solutions tailored to your database security needs.

Image by hatoriz/123RF.

How to Solve the Oracle Error ORA-12154: TNS:could not resolve the connect identifier specified

The “ORA-12154: TNS Oracle error message is very common for database administrators. Learn how to diagnose & resolve this common issue here today.

Vijay Muthu | February 4, 2021

Data Types: The Importance of Choosing the Correct Data Type

Most DBAs have struggled with the pros and cons of choosing one data type over another. This blog post discusses different situations.

Craig Mullins | October 11, 2017

How to Recover a Table from an Oracle 12c RMAN Backup

Our database experts explain how to recover and restore a table from an Oracle 12c RMAN Backup with this step-by-step blog. Read more.

Megan Elphingstone | February 2, 2017

Subscribe to Our Blog

Never miss a post! Stay up to date with the latest database, application and analytics tips and news. Delivered in a handy bi-weekly update straight to your inbox. You can unsubscribe at any time.

Work with Us

Let’s have a conversation about what you need to succeed and how we can help get you there.


Work for Us

Where do you want to take your career? Explore exciting opportunities to join our team.