Bash is a command interpreter (shell) used to run and orchestrate commands on Unix and Linux systems, typically over SSH or Telnet sessions. It can also act as the interpreter for CGI scripts on a web server, as is commonly seen with Apache.
Other shells exist for Unix variants, but Bash is the default shell on Linux and Mac OS X, both extremely common operating systems; this is a major factor in why this risk is so significant, and Bash has been described as “one of the most installed utilities on any Linux system”. The CVE numbers assigned to this issue are CVE-2014-7169, CVE-2014-6271, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277 and CVE-2014-6278.
The vulnerability is being rated “10 out of 10”, made worse by the fact that the attack is easy to execute: the access complexity is low and, more importantly, no authentication is required when exploiting Bash via CGI scripts.
The risk arises because environment variables passed to a Bash shell can contain a function definition. The issue occurs when Bash continues to process shell commands placed after the end of that function definition, which results in a “code injection attack”; this could be exploited at scale if a worm or something similar were developed for the vulnerability.
Versions of Bash below 4.3 that are unpatched are vulnerable.
All Linux derivatives using Bash from version 1.14 to 4.3 are affected.
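The behaviour described above can be checked on a host with a small script. This is an added example, not part of the Fujitsu advisory; the function name shellshock_check and its output strings are the example's own. It uses the widely published CVE-2014-6271 test pattern, which does nothing more than echo a marker string.

```shell
#!/bin/sh
# Added example (not from the advisory): detects whether the local bash
# still executes commands placed after a function definition imported from
# an environment variable (CVE-2014-6271). Prints "patched", "vulnerable"
# or "no-bash"; returns 0 only when the binary is patched.
shellshock_check() {
    if ! command -v bash >/dev/null 2>&1; then
        echo "no-bash"
        return 2
    fi
    # Exported variable holding a function body followed by a trailing command.
    # A patched bash imports the function (or ignores the variable entirely)
    # and never runs the trailer; an unpatched bash runs it at startup.
    out=$(env x='() { :;}; echo marker' bash -c 'echo done' 2>/dev/null)
    case "$out" in
        *marker*) echo "vulnerable"; return 1 ;;
        *)        echo "patched";    return 0 ;;
    esac
}

# Reports the bash version string alongside the check, for inventory purposes.
bash_version() {
    command -v bash >/dev/null 2>&1 || { echo "no-bash"; return 2; }
    bash --version 2>/dev/null | head -n 1
}

# Stand-alone usage: run the check and print both results.
if [ "${0##*/}" != "sh" ] && [ "${0##*/}" != "bash" ]; then
    echo "version: $(bash_version)"
    echo "status:  $(shellshock_check)"
fi
```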
Fujitsu is analyzing its products and will update this page accordingly.