Shell Shock – Grave problema de seguridad en la web

Un nuevo problema de seguridad se ha presentado para toda la comunidad web. Se trata de una vulnerabilidad del programa Bash. Este programa esta incluido en todos los servidores linux.

El problema es tan extenso que incluso muchos de los actuales teléfonos android y apple están comprometidos.

La recomendación es actualizar a la ultima versión todos los equipos que uno tenga. lo que incluye teléfonos, ordenadores, televisiones inteligentes, routers , etc.

Todos los parches presentados por Cloudlinux para mitigar el problema han sido instalados en todos nuestros servidores.

Información adicional en ingles:

A serious security flaw has been discovered in GNU Bourne Again Shell (Bash) that could allow an attacker to remotely execute code. We have already checked that our internal servers were patched and unaffected. Attacks using this exploit, which is being called “shellshock”, have already been reported (http://www.zdnet.com/first-attacks-using-shellshock-bash-bug-discovered-7000034044/). This bug can potentially affect any Linux, BSD, or OSX based operating system with bash installed, and action should be taken to quickly patch any systems affected.

Red Hat has released an excellent guide on testing for the vulnerability here:
https://access.redhat.com/articles/1200223

To update bash on Red Hat based distros, such as CentOS, use the following command:
yum update bash

To update bash on Debian based distros, such as Ubuntu, use the following command:
apt-get update && apt-get install bash

Please see the following sites for more information on this bug:

US-CERT: Bourne Again Shell (Bash) Remote Code Execution Vulnerability
https://www.us-cert.gov/ncas/current-activity/2014/09/24/Bourne-Again-Shell-Bash-Remote-Code-Execution-Vulnerability

US-CERT Alert TA14-268A: GNU Bourne Again Shell (Bash) ‘Shellshock’ Vulnerability (CVE-2014-6271, CVE-2014-7169)
https://www.us-cert.gov/ncas/alerts/TA14-268A

Prueba nuestro servicio gratis

Si aun no conoces nuestro servicio, pruebalo Gratis. Estamos seguros que te encantará