Shellshock - What it is and why it's important

Where does the exploit take place: The Shellshock bug occurs in a part of system software called Bash that allows you to define functions, which is what programmers call a sequence of commands that are saved up for later. The "shell" or "command prompt" is a piece of software that allows a computer to interact with the outside (you) by interpreting text to access the operating system's services.

What does the bug do: Because of the Shellshock bug, however, Bash can be tricked into running commands specified in a function definition, instead of storing them up harmlessly and not using them. The bug allows remote attackers to execute arbitrary code without any required authentication. The remote execution of extra code (over the internet or a network) could let an attacker load malware on a system and steal private information, delete files, activate your camera, and basically access your network.

Who does this effect: Anyone running linux equipment, which includes most routers and network devices. Bash is a shell or in other words, an interpreter that allows you to orchestrate commands on Unix and Linux systems. It can also operate as a parser for CGI scripts on a web server such as we’d typically see running on Apache. It’s been around since the late 80s and is used in most linux and unix machines. Bash is the default shell for Linux and Mac OS X which are obviously extremely prevalent operating systems. That’s a major factor in why this risk is so significant – the ubiquity of Bash – and it’s being described as “one of the most installed utilities on any Linux system”.

How can you test if you’re vulnerable: The easiest way to check if your system is vulnerable is to execute the following command on your system:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If the system returns the string "vulnerable", you should update your system. If it just returns "this is a test" or an error message, then it is not vulnerable. If your VPN Accelerator has been updated to version 2.1, then if you execute this line in Diagnostics / System, it will only return "this is a test" because the system is no longer vulnerable. If you run this line on your Sabai Router, it will return an error, since the router does not have the Bash application.

Which Sabai equipment is affected? No router versions are affected. VPN Accelerator version 1.0 and 2.0 are affected. VPN Accelerator Version 2.1 addresses the vulnerability. This update is available at no charge directly from your accelerator interface.

Method of attack: Sabai Technology equipment is protected from this method of attack, by default, since it's web interface is inward network facing. Those customers who have changed their default router setting to allow external internet access to their accelerator interface, should make updating to Accelerator version 2.1 a priority.

Security breaches are a real concern and cute names for these bugs should not deter you from taking them seriously. Shellshock is far more if a concern than Heartbleed. Your online security is something you should take proper precautions to protect. Sabai Technology is here to help you keep your equipment and internet traffic safe. VPN is that secured lock on your personal internet data. Take control of your own security with Sabai Technology. Visit SabaiTechnology.com today and Connect Beyond Content to a sense of security that your data has never felt before.