University of Southern California

Bash Vulnerability

Posted on by Robert

A new vulnerability has been announced that may allow an attacker to run arbitrary commands on your server. This may result in loss of protected or sensitive data and/or service disruption.

The easiest targets for a remote attacker are web servers though other services may be exploited by both remote and local attackers. Common operating systems that have a vulnerable version of bash installed are RedHat, CentOS, and OS X. Please see RedHat’s and CentOS’s posts which show what software needs to be patched:

Or if you want to (or need to because the vendor has not supplied a patch) update bash separately, see:

If you would like additional technical details on this vulnerability, please email security@usc.edu.

Comments are closed.