Introduction
Shellshock, also known as the Bash Bug, is a seriously dangerous vulnerability that is present in a majority of distributions of Apple’s Mac OS X, Linux and UNIX. Stephane Chazelas was the discoverer of the Bash bug (Mimoso, 2014).
Type of Flaw/Condition within the Operating Systems
The Bash Bug is a flaw that makes it possible for an attacker to remotely put together a variable and malicious executable code. Invoking Bash then executes that code and does the damage. In other words, this security flaw allows the creation of environment variables containing malicious code before the Bash shell is called by the system (Mimoso, 2014).
It is a very simple vulnerability that can affect almost all Bash versions. On the other hand, even though it is an extremely grave flaw, it needs “very specific conditions in place where a remote user would be able to set that environment variable” (Mimoso, 2014). It means that it is not a common flaw. As far as its context is concerned, all Linux and UNIX systems have Bash. Importantly, the Bash bug invites comparisons with the Heartbleed OpenSSL vulnerability (Mimoso, 2014). It could be more dangerous than Heartbleed because it takes advantage of HTTP headers and various other mechanisms to enable unauthorized access to the core Bash system shell. In essence, an attacker is able to place “() {” (the attack trigger) into an HTTP header such as the referrer or a cookie, followed by a Bash command such as ping or ls. The environment variables are generated when the HTTP headers are passed to a CGI script. It is here that the Bash flaw enters the system and harms it severely (“Mitigating the Bash Shellshock Vulnerabilities,” 2014).
Shellshock poses a serious threat to a system because of the broad range of commands available at the system level. Therefore, its successful execution can cause significant damage. According to a current theory, Shellshock may be employed for more malicious purposes. For instance, it can make a system remotely download and run a script that has the potential to compromise the system. This is possible because a number of Bash commands can access other systems very easily. For these reasons, plugging this flaw must be the top priority for users of the mentioned operating systems (“Mitigating the Bash Shellshock Vulnerabilities,” 2014).
How to Counter Bash Bug Flaw?
The initial step to mitigate Shellshock is programmability. Programmers must understand that system-level patches take some time to reach and be deployed on vulnerable systems and devices. This is the reason updating vulnerable systems is extremely necessary. However, until the update is done, protecting systems from exploitation is essential. Because such attacks are, by their nature, mostly concealed within HTTP headers, a majority of network infrastructure remains completely blind to them. LineRate Proxy and BIG-IP are two examples of programmable infrastructure that act as a useful platform for responding quickly to application-layer attacks like Shellshock. Thus, network programmability is a powerful tool to detect and mitigate the discussed attack (“Mitigating the Bash Shellshock Vulnerabilities,” 2014).
The string to look for while addressing the Bash flaw is “() {”. Initially, this seems to be an easy solution. However, “the dizzying array of encoding and escaping possible in HTTP exchanged data makes this much easier for attackers to evade detection” (“Mitigating the Bash Shellshock Vulnerabilities,” 2014). Therefore, it is important to put in place an efficient mitigation plan that detects the attack and also accounts for attempts to evade detection.
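The sketch below is an added example, not code from F5 or from any of the cited sources. It checks HTTP header values for the trigger string both as received and after percent-decoding. The whitespace-tolerant pattern, the decoding limit and the sample requests are assumptions made for this illustration.

```python
import re
from urllib.parse import unquote

# Trigger "() {" with optional extra whitespace (assumption: match loosely
# so that spacing variations are flagged rather than missed).
TRIGGER = re.compile(r"\(\s*\)\s*\{")
MAX_DECODE_ROUNDS = 3  # assumption: how many layers of %-encoding to unwrap


def normalize(value):
    """Percent-decode repeatedly until the value stops changing."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_trigger(value):
    """Return 'raw' if the trigger is visible as sent, 'decoded' if it only
    appears after percent-decoding, or None if it is absent."""
    if TRIGGER.search(value):
        return "raw"
    if TRIGGER.search(normalize(value)):
        return "decoded"
    return None


def scan_request(headers):
    """Return (header name, how found) for every suspicious header."""
    hits = []
    for name, value in headers.items():
        how = find_trigger(value)
        if how:
            hits.append((name, how))
    return hits


# Constructed sample requests (not captured traffic).
SAMPLE_REQUESTS = [
    {"User-Agent": "Mozilla/5.0", "Referer": "http://example.com/", "Cookie": "sid=abc123"},
    {"User-Agent": "Mozilla/5.0", "Referer": "() { placeholder; }; ls"},
    {"User-Agent": "Mozilla/5.0", "Cookie": "sid=%28%29%20%7B placeholder; }; ls"},
    {"User-Agent": "Mozilla/5.0", "Cookie": "sid=%2528%2529%2520%257B placeholder"},
    {"User-Agent": "Mozilla/5.0 (X11; Linux) {beta}"},  # benign look-alike
]

if __name__ == "__main__":
    for number, request in enumerate(SAMPLE_REQUESTS, start=1):
        print(number, scan_request(request) or "clean")
```

A plain substring match on the raw value would flag only the second sample request; the third and fourth are caught only after decoding.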
As far as defensive measures are concerned, there are various options available to systems administrators to avoid and/or detect Bash bug attacks. These options include keeping up to date with the changing patches, disabling function exporting entirely through a patch, and using an alternate shell (Ellis, Sniffen & Brenner, n.d.).
Conclusion
REFERENCES
Ellis, A., Sniffen, B., & Brenner, B. (n.d.). Shellshock-Bash CVE List: Where Akamai Fits In. Akamai. Retrieved October 21, 2014, from http://www.akamai.com/html/security/shellshock-bash-cve-list.html
Mimoso, M. (2014, September 24). Major Bash Vulnerability Affects Linux, UNIX, Mac OS X. Threatpost. Retrieved October 21, 2014, from http://threatpost.com/major-bash-vulnerability-affects-linux-unix-mac-os-x/108521
Mitigating the Bash Shellshock Vulnerabilities. (2014). F5. Retrieved October 21, 2014, from https://f5.com/solutions/mitigation/mitigating-the-bash-shellshock-cve-2014-6271-and-cve-2014-7169-vulnerabilities