As you’re probably aware, a new vulnerability (CVE-2014-6271) was recently disclosed that affects Bash—a common shell used by most Linux/Unix distributions. This vulnerability, called “ShellShock” or “Bash Bug”, affects Linux/Unix systems, servers, embedded devices, even OS X and potentially mobile devices.
To put the severity of this vulnerability into context, recall the Heartbleed vulnerability from April, which was rated 5 on the NIST CVSS scale. ShellShock has been given an impact score of 10, because it allows unauthorized disclosure of information, modification and disruption of service.
After scanning your perimeter network services for vulnerabilities using a service like PureCloud Enterprise, it’s important to also identify which devices on your internal network are vulnerable to ShellShock, as they can easily be exploited by an insider threat or used to advance an attack laterally across the network.
Because ShellShock affects Unix and Unix-like operating systems, it can affect many kinds of devices, including firewalls, routers, switches, POS devices, tablets and smartphones.
To find the ShellShock vulnerability on your internal networks with Tripwire IP360, simply update to the latest ASPL release and run your scans as usual.