Automate Your Security Response from the Catbird Seat.
In addition to the many security breaches that have rocked the retail and financial community in recent months, the latest threat comes in the form of a remotely exploitable vulnerability to the Bash shell (aka Shellshock, or Bashdoor). Unlike some of the targeted attacks on specific companies, the Shellshock vulnerability is in the Bash shell. For those not familiar with Bash shell, it is one of the most widely deployed utilities on *nix operating systems, such as Unix, Linux, MAC OS X, Red Hat and others, that are the platforms for countless web servers, routers, database servers, and even PCs and home computers. This vulnerability allows an attacker to construct commands or execute arbitrary code against a vulnerable host and perform what is known as a "code injection attack". Given that this vulnerability can be exploited with relative ease and with severe consequences, this vulnerability has been given a severity rating of 10 out of 10 by the security community.