Linked by Thom Holwerda on Fri 26th Sep 2014 05:00 UTC
Privacy, Security, Encryption

By now you may have heard about a new bug found in the Bash shell. And unless you're a programmer or security expert, you're probably wondering if you should really worry. The short answer is: Don't panic, but you should definitely learn more about it, because you may be in contact with vulnerable devices.

This bug, baptized "Shellshock" by Security Researchers, affects the Unix command shell "Bash," which happens to be one of the most common applications in those systems. That includes any machine running Mac OS X or Linux.

A very simple and straightforward explanation of this major new security issue. The OSNews servers were updated yesterday.

Permalink for comment 596916
To read all comments associated with this story, please click here.
Routers
by PhilPotter on Fri 26th Sep 2014 08:02 UTC
PhilPotter
Member since:
2011-06-10

Whilst this is a serious bug no doubt, the only way it could be accessed externally from a router is if someone had an unencrypted telnet port running with no authentication required, or something along those lines. In that instance, they have bigger problems than a little bash bug in my opinion - a port exposed on the WAN interface with which someone can access bash directly. Not good, but otherwise I can't see the fuss here.

Edited 2014-09-26 08:03 UTC

Reply Score: 4