Shellshock bug makes Heartbleed look tiny
September 29th, 2014 // 9:08 pm @ Erik Westermann
Shellshock is the name for a newly discovered vulnerability in various Unix-based systems that allows an attacker to escalate privileges and execute arbitrary commands and scripts. Unix-based systems run about 51% of web servers and Unix-based systems an estimated 26 billion internet-connected devices (like WiFi routers, broadband modems)
The vulnerability has existed in Unix-based systems for about 20 years yet was only recently made public (Sept 24 2014). While patches were available, researchers discovered further vulnerabilities; a more recent Shellshock patch may address a broader set of vulnerabilities.
Category : Blog