Information Technology Services (ITS)

Shellshock Advisory

Published on: September 25, 2014

Shellshock Vulnerability Advisory

Re: CVE-2014-6271 and CVE-2014-7169 Bash remote code execution vulnerability

You may have heard of a vulnerability in the Bourne Again Shell (bash) utility that leaves affected systems open to attack. Vulnerable systems include Linux, Apple Macintosh, and potentially other systems. Vendors are working to provide patches to correct this vulnerability. Please watch closely for any vendor-supplied patches and apply them as soon as possible. This reinforces the need to always apply ‘critical’ or security-related patches as quickly as possible. ISEA is working to manage the University’s risk in this matter, and quick patching is what makes this management possible.

Current remote attack vectors include CGI programs that use bash, and SSH automatic logins with command settings (there may be others). For systems directly accessible from the Internet, consider suspending these services or monitoring them closely until appropriate patches are available.
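
For the close monitoring suggested above, one option is to scan web server access logs for the `() {` function-definition marker that requests targeting this bash flaw carry in their header values. This is an added example, not part of the original advisory; the combined log format, the `scan` helper, and the sample log lines are assumptions constructed for illustration.

```python
import re

# Apache/nginx "combined" log format (an assumption about the server's logging):
# host ident user [time] "request" status bytes "referer" "user-agent"
COMBINED = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<request>(?:[^"\\]|\\.)*)" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>(?:[^"\\]|\\.)*)" "(?P<agent>(?:[^"\\]|\\.)*)"$'
)

# Unpatched bash treats an environment value that begins "() {" as a function
# definition, and CGI copies request headers into the environment. Spacing
# between the tokens varies, so match it loosely.
MARKER = re.compile(r'\(\)\s*\{')

FIELDS = ("request", "referer", "agent")


def scan(lines):
    """Return (line_no, host, field) for every logged field holding the marker."""
    hits = []
    for no, line in enumerate(lines, 1):
        m = COMBINED.match(line.rstrip("\n"))
        if m is None:
            # Lines that do not parse are still checked raw rather than skipped.
            if MARKER.search(line):
                hits.append((no, None, "raw"))
            continue
        for field in FIELDS:
            if MARKER.search(m.group(field)):
                hits.append((no, m.group("host"), field))
    return hits


# Constructed sample lines: documentation-range addresses, harmless echo text.
SAMPLE = [
    '192.0.2.10 - - [25/Sep/2014:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [25/Sep/2014:10:01:05 +0000] "GET /cgi-bin/status HTTP/1.1" 200 87 "-" "() { :;}; echo constructed-sample"',
    '203.0.113.4 - - [25/Sep/2014:10:02:11 +0000] "GET /cgi-bin/test.cgi HTTP/1.0" 404 0 "() { x; }; echo constructed-sample" "curl/7.30"',
    'truncated entry () { not in combined format',
]

if __name__ == "__main__":
    for no, host, field in scan(SAMPLE):
        print(f"line {no}: marker in {field} from {host or 'unknown host'}")
```

The combined format records only the request line, Referer and User-Agent, so a marker sent in any other header will not appear in these logs; a clean scan does not show that a system was not targeted.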