I just saw this. Might be old news to some, but new to me. http://tinyurl.com/k5xevos
In Heartbleed's wake, Bash flaw puts Linux, Mac OS users at risk by Brandan Blevins, News Writer Researchers say a 20-year-old vulnerability uncovered in the Bash shell, found in Unix-based operating systems including Linux and Mac OS, could lead to a dangerous worm outbreak unlike anything seen in more than a decade. Discovered by UK-based Unix expert Stéphane Chazelas, the Bash vulnerability, also known as Shellshock or CVE-2014-6271, actually dates back more than 20 years and is present in every shell version up to 4.3. US-CERT's National Vulnerability Database has rated the flaw's severity as a "10.0", which is the highest possibly severity, based on the common vulnerability scoring system (CVSS), in large part because it is so easily exploited: the bug can be triggered remotely without any form of authentication. Lizette ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
