Chalk talk

Sales sales@elastica.net
Play Video

Bash Code Injection (Shellshock) CVE-2014-6271

Bash, a very popular software program on Linux, has a remarkable security weakness. If attackers […]

Share this article

0 0

Bash, a very popular software program on Linux, has a remarkable security weakness. If attackers can have bash invoked in a particular way (i.e., by controlling the bash environment variable), they can inject arbitrary code and gain carte-blanche access to systems. The vulnerability, which has come to be known as the Shellshock vulnerability, has a Common Vulnerabilities and Exposures number of CVE-2014-6271. Given the level of access afforded to the attacker and the relative simplicity of implementing the exploit, this vulnerability potentially has far more severe ramifications than the Heartbleed bug discovered earlier this year. In this video, Elastica Team describes the vulnerability at a high level.

Elastica

Elastica is the leader in Data Science Powered™ Cloud Application Security. Its CloudSOC™ platform empowers the companies to confidently leverage Cloud and SaaS applications while staying safe, secure and compliant.

Read next

Dyreza / Dyre Malware and its High-Level Mechanics When Targeting Salesforce

REQUEST FREE
RISK ASSESSMENT
AND TRIAL