Mac OS X among those that BASH vulnerability could cripple

No more BASHing
Blame the BASH feature

System administrators all over the world have woken up to yet another major security scare - after the Heartbleed bug back in April, this time, one that affects UNIX-based operating systems including Linux, Mac OSX and potentially Android – which has roots in UNIX.

The BASH bug (or Shellshock) as it is now known was discovered yesterday by security researchers working for open source company, Red Hat and because platforms affected are ubiquitous, one should expect more damage than Heart Bleed.

Indeed, what makes it so worryingly dangerous is that it affects everything that runs GNU's Bourne Again Shell (otherwise known as BASH) and are connected to the internet.

This includes any Internet-of-things devices like video cameras that operate using web-based BASH scripts. These are not only difficult to patch but also difficult to track and audit, which makes in-the-wild exploits very likely.

ESET's Mark James gives a simple routine to find out whether your systems are affected. Type

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

The output on a vulnerable system will read

vulnerable

this is a test

A patched or unaffected system will output:

bash: warning: x: ignoring function definition attempt

bash: error importing function definition for 'x'

this is a test

He added that the bug has been around for a very long time and the community doesn't really know how many systems are actually affected by it.

TOPICS
Desire Athow
Managing Editor, TechRadar Pro

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website builders and web hosting when DHTML and frames were in vogue and started narrating about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium.

Latest in Software & Services
TinEye website
I like this reverse image search service the most
A person in a wheelchair working at a computer.
Here’s a free way to find long lost relatives and friends
A white woman with long brown hair in a ponytail looks down at her computer in a distressed manner. She is holding her forehead with one hand and a credit card with the other
This people search finder covers all the bases, but it's not perfect
That's Them home page
Is That's Them worth it? My honest review
woman listening to computer
AWS vs Azure: choosing the right platform to maximize your company's investment
A person at a desktop computer working on spreadsheet tables.
Trello vs Jira: which project management solution is best for you?
Latest in News
Nintendo Switch 2 Joy-Con up-close from app store
Nintendo's new app gave us another look at the Switch 2, and there's something different with the Joy-Con
cheap Nintendo Switch game deals sales
Nintendo didn't anticipate that Mario Kart 8 Deluxe was 'going to be the juggernaut' for the Nintendo Switch when it was ported to the console, according to former employees
Three angles of the Apple MacBook Air 15-inch M4 laptop above a desk
Apple MacBook Air 15-inch (M4) review roundup – should you buy Apple's new lightweight laptop?
Witchbrook
Witchbrook, the life-sim I've been waiting years for, finally has a release window and it's sooner than you think
Amazon Echo Smart Speaker
Amazon is experimenting with renaming Echo speakers to Alexa speakers, and it's about time
Shigeru Miyamoto presents Nintendo Today app
Nintendo Today smartphone app is out now on iOS and Android devices – and here's what it does