Shellshock makes Heartbleed look insignificant

    Date29 Sep 2014
    CategoryHacks/Cracks
    2577
    Posted ByDave Wreski
    Somehow there always seems to be another Internet security disaster around the corner. A few months ago everyone was in a panic about Heartbleed. Now the bug called Shellshock (officially CVE-2014-6271), a far more serious vulnerability, is running uncontrolled over the Internet. It's never a good time to panic, but if you're discouraged I don't blame you; I know I am.

    In retrospect, the grave concern over Heartbleed seems misplaced. As information disclosure bugs go it was a really bad one, but it was only an information disclosure bug and a difficult one to exploit. The sky's the limit on attacks with Shellshock and it's so easy to exploit that it's already being widely-exploited according to research firm Fireeye, which says they have already observed several forms of attack:

    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"6","type":"x","order":"1","pct":60,"resources":[]},{"id":"88","title":"Should be more technical","votes":"3","type":"x","order":"2","pct":30,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"1","type":"x","order":"3","pct":10,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.