The recently disclosed “Bash Bug” or “Shellshock” vulnerability that affects most versions of Linux, Unix, and Mac OS X operating systems is the latest threat to set IT security teams scrambling to protect their systems.
Disclosed to the world on Sept. 24, the GNU Bash Remote Code Execution Vulnerability (CVE-2014-6271) could be exploited to execute code and take over a machine.
Attackers can leverage the vulnerability to attack a variety of devices and web servers and take over the operating system, make changes or perform other actions.
Related: What We Know About Shellshock So Far, and Why the Bash Bug Matters
Symantec has put together the video below which demonstrates the threatening vulnerability in action and answers many important questions.
There have already been reports of limited, targeted attacks targeting the vulnerability and some in the security community believe this bug could be worse than Heartbleed.
Related: Bash ‘Shellshock’ Vulnerability Under Attack
Related: What We Know About Shellshock So Far, and Why the Bash Bug Matters

More from SecurityWeek News
- In Other News: RSA Encryption Attack, Meta AI Privacy, ShinyHunters Hacker Guilty Plea
- In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking
- In Other News: China Blames NSA for Hack, AI Jailbreaks, Netography Spin-Off
- SecurityWeek to Host Cyber AI & Automation Summit
- US Marks 22 Years Since 9/11 Terrorist Attacks
- In Other News: LastPass Vault Hacking, Russia Targets Ukraine Energy Facility, NXP Breach
- Webinar Today: Scaling Software Supply Chain Security
- In Other News: Hacking Encrypted Linux Computers, Android Fuzzing, Skype Leaking IPs
Latest News
- European Telecommunications Standards Institute Discloses Data Breach
- Number of Internet-Exposed ICS Drops Below 100,000: Report
- Johnson Controls Ransomware Attack Could Impact DHS
- Unpatched Exim Vulnerabilities Expose Many Mail Servers to Attacks
- CISA Kicks Off Cybersecurity Awareness Month With New Program
- Recently Patched TeamCity Vulnerability Exploited to Hack Servers
- Silverfort Open Sources Lateral Movement Detection Tool
- Bankrupt IronNet Shuts Down Operations
