ShellShock is a security vulnerability that affects many versions of Unix-like operating systems, like Linux, and allows attackers to gain control over a system illegitimately.
What is the ShellShock vulnerability?
In Unix, a shell is a command processor using which commands are executed in the operating systems. Bash is one such command processor. It is mainly used in text windows. But many applications also use it to execute required commands.
Environment variables are variables whose values are used to determine the way the running processes will behave on the computer. For example, an application process may prefer to store temporary files in a folder. For that purpose, the running process will check the value of the environment variable called TEMP and store the files there.
Using the ShellShock vulnerability, an attacker can attach malicious code to an environment variable in Bash and run it to gain control over the system.
0 Comments