A few hours ago, it has been discovered a new global web server vulnerability in the Bash shell. Its scale is as serious as the famous ‘Heartbleed’ one found recently on OpenSSL. Bash is one of the most widely used utilities in any UNIX-based system, making this vulnerability especially critical.
The vulnerability has been named 'Shellshock' and it allows an attacker to create system variables which may contain malicious code which would be executed whenever Bash is invoked.
The vulnerability has been detected on most web server platforms – from most Linux & UNIX distributions to Apple’s Mac OS X, and threatens a large number of web applications, including CMSs like WordPress and Joomla.
Kind Regards,
Support team