The Shellshock vulnerability in Bash (the Bourne Again Shell), first reported last week, has been fueling thousands of attacks against Web servers around the world ever since. Though Shellshock is a critical vulnerability, there are multiple ways that organizations can protect themselves, with both Bash patches and security software that limits the risk of the core flaw.
"The vulnerability in Bash allows attackers to feed arbitrary commands for execution on a system," Karl Sigler, manager SpiderLabs Threat Intelligence at Trustwave, explained to eSecurity Planet.
As a shell scripting tool, Bash's primary purpose is to execute commands, but the Shellshock vulnerability abuses that functionality. The risk is high, because many different back-end services, including Web servers, are attached to Bash.
Shellshocked
Trustwave's network of honeypot Web servers first began to see Shellshock-related attacks early on Sept. 25. Trustwave uses the honeypots, basically open Web servers with the ModSecurity Web application firewall (WAF) in front of them, to monitor the Internet for attacks.
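
A defender-side sketch of the kind of check a WAF or a log review can apply to the attacks described above, added here as an example and not taken from Trustwave, ModSecurity or the article: it scans combined-format access-log lines for the `() {` function-definition prefix that Shellshock requests place in header values, which a Web server hands to Bash as environment variables. The log lines, addresses and function name are constructed for illustration.

```python
import re

# Apache/nginx "combined" log format:
# ip ident user [timestamp] "request" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

# Bash treats a variable whose value begins with "() {" as an exported
# function definition. Whitespace is optional here so spacing variants match.
FUNC_DEF_RE = re.compile(r'\(\s*\)\s*\{')

def find_shellshock_probes(lines):
    """Return (line_number, client_ip, field) for each logged field that
    carries a Bash function-definition prefix."""
    hits = []
    for lineno, line in enumerate(lines, 1):
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # not a combined-format entry; skip rather than guess
        for field in ("request", "referer", "agent"):
            if FUNC_DEF_RE.search(m.group(field)):
                hits.append((lineno, m.group("ip"), field))
    return hits

# Constructed sample entries (documentation-range addresses, harmless payload).
SAMPLE_LOG = [
    '192.0.2.10 - - [25/Sep/2014:06:12:01 +0000] "GET /index.html HTTP/1.1" '
    '200 5120 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '198.51.100.7 - - [25/Sep/2014:06:13:44 +0000] "GET /cgi-bin/status HTTP/1.1" '
    '200 312 "-" "() { :;}; echo constructed-probe"',
    '198.51.100.7 - - [25/Sep/2014:06:13:45 +0000] "GET /cgi-bin/status HTTP/1.1" '
    '404 210 "() { :; }; echo constructed-probe" "curl/7.30.0"',
    'truncated entry that does not parse',
]

if __name__ == "__main__":
    for lineno, ip, field in find_shellshock_probes(SAMPLE_LOG):
        print(f"line {lineno}: {ip} sent a function-definition prefix in {field}")
```

A hit shows that a request carried the signature, not that the server was compromised; whether the request reached a vulnerable Bash still has to be checked on the host.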