Home > Threat descriptions >

Backdoor:Linux/Shellshock.A

Classification

Category: Malware

Type: Backdoor

Platform: Linux

Aliases: Shellshock, Exploit:Linux/CVE-2014-6271.A

Summary


Backdoor:Linux/Shellshock.A identifies files that attempt to exploit the CVE-2014-6271 vulnerability reported in Bash software. If successfully exploited, this vulnerability could allow remote attackers to execute code on the affected system. This vulnerability affects Unix-based operating systems, including Linux and Mac OS X.

Removal


F-Secure security products detect files that attempt to exploit the CVE-2014-6271 vulnerability. To prevent exploitation of such vulnerabilities, please refer to the application vendor for the latest updates and additional advice.

Knowledge Base

Find the latest advice in our Community Knowledge Base.

About the product

See the manual for your F-Secure product on the Help Center.

Contact Support

Chat with or call an expert for help.

Submit a sample

Submit a file or URL for further analysis.

Technical Details


Bash is a popular command-line shell program that allows users to use text commands to issue instructions to an operating system, such as launching or modifying programs. Bash is used in a wide range of commercial and home systems, for a variety of purposes.

The CVE-2014-6271 vulnerability publicly announced on 24 Sept 2014 can, if successfully exploited, allow remote attackers to execute code on the affected system; in the worst case scenario, a remote attacker would be able to take full control of the system.

Additionally, a patch subsequently issued by RedHat attempting to close the CVE-2014-6271 vulnerability was found to be incomplete; this separate issue is tracked using the identifier CVE-2014-7169.

Users are strongly encouraged to check systems under their administration to determine if they are affected by this vulnerability, and where necessary, to update affected systems with the latest security patches from the respective application or system vendors.

For further details of the Shellshock vulnerability: