I am posting this in
GD because the effect of this has far reaching ramifications (unless you are a Windows user - in which case you can move on.
)
BASH is a shell program that is a fundamental part of *nix operating systems. It actually stands for "Bourne Again SHell) and has been around for some 25 years. It appears that a vulnerability exits, introduced in version 1.3, that allows code injection, ie malicious code that can compromise the computer.
This affects Linux and MacOS machines, but because Linux is used in many embedded systems, it may affect them too. There is also the possibility that it could affect Android devices, particularly if they have been rooted, although there is no definite conformation that this is the case.
There are patches being developed, and the general advice is that patches should be applied as`soon as possible, particularly if you are running an internet connected server.
My own opinion (fwiw) is that it is cause for concern, but not panic! Firstly, the vulnerability has only just been announced, and there is no evidence to suggest that it has been exploited. (That doesn't mean it hasn't, of course) but now it is known about, I suspect that there will be hackers writing code to exploit it. Of course, the vulnerability can only be exploited if the code can be entered into the device, so normal physical and common sense security precautions apply.
Secondly, one method of getting the code in would be to run a web site purporting to have the "fix" whereas it is just a social engineering ruse to get exploitable code into a device. So be circumspect where you download any patches from.
For many this will be teaching you to suck eggs, but the potential consequences are too serious to let it pass uncommented.
More information here:
https://www.cert.gov.uk/resources/al...ka-shellshock/
http://web.nvd.nist.gov/view/vuln/de...=CVE-2014-6271
You only have to Google Shellshock to find a whole page of reports, ranging from the considered through to the alarmist/sensational. The two I have quoted are -
IMHO - probably among the more authoritative.