Backdoor:Linux/Shellshock.A

Threat description

Details

CATEGORYMalware
TYPEBackdoor
PLATFORMLinux, OSX

Summary

Backdoor:Linux/Shellshock.A identifies files that attempt to exploit the CVE-2014-6271 vulnerability reported in Bash software. If successfully exploited, this vulnerability could allow remote attackers to execute code on the affected system. This vulnerability affects Unix-based operating systems, including Linux and Mac OS X.



Removal

F-Secure security products detect files that attempt to exploit the CVE-2014-6271 vulnerability. To prevent exploitation of such vulnerabilities, please refer to the application vendor for the latest updates and additional advice.

Technical Details

Bash is a popular command-line shell program that allows users to use text commands to issue instructions to an operating system, such as launching or modifying programs. Bash is used in a wide range of commercial and home systems, for a variety of purposes.

The CVE-2014-6271 vulnerability publicly announced on 24 Sept 2014 can, if successfully exploited, allow remote attackers to execute code on the affected system; in the worst case scenario, a remote attacker would be able to take full control of the system.

Additionally, a patch subsequently issued by RedHat attempting to close the CVE-2014-6271 vulnerability was found to be incomplete; this separate issue is tracked using the identifier CVE-2014-7169.

Users are strongly encouraged to check systems under their administration to determine if they are affected by this vulnerability, and where necessary, to update affected systems with the latest security patches from the respective application or system vendors.

For further details of the Shellshock vulnerability:

Submit a Sample

Suspect a file or URL was wrongly detected?
Send it to our Labs for further analysis

Submit a Sample

Scan & clean your PC

F-Secure Online Scanner will scan and clean your PC in just a few minutes for free

More Info