Apple: Majority Of Mac OS X Users Not At Risk To Shellshock

Published: 22/11/2024   Category: security




According to Apple, Mac OS X systems are not exposed to remote exploits of Bash unless users have certain UNIX services configured.



Apple says the so-called Shellshock bug does not impact the majority of Mac OS X users.
That may come as a bit of good news for Apple customers worried about the newly revealed vulnerability affecting GNU's Bourne Again Shell (Bash).
"The vast majority of OS X users are not at risk to recently reported Bash vulnerabilities," an Apple spokesperson told Dark Reading. "Bash, a UNIX command shell and language included in OS X, has a weakness that could allow unauthorized users to remotely gain control of vulnerable systems. With OS X, systems are safe by default and not exposed to remote exploits of Bash unless users configure advanced UNIX services. We are working to quickly provide a software update for our advanced UNIX users."
Apple did not specify what advanced services it meant. Eldon Sprickerhoff, chief security strategist at eSentire, says they likely include inbound services including ssh, web services (a.k.a. Apache), and others. "My advice is, if you're running OS X as a web server, take it down until there's a patch or use something to block ShellShockish queries with a wrapper or something like Mod-security."
"The vast majority of the attacks inbound on the Internet are through web servers," he says. "You use the web server to run a script that lets you exploit the bash bug. The web server is the vector to access the bug itself. So, if you have fewer open vectors available, you're less vulnerable. However, there's some indication that DHCP could be a vector for other systems. There's a whole new attack space to be analyzed here."
The Pluralsight author and security expert Troy Hunt wrote in a blog post that Bash is a *nix shell -- an interpreter that enables users to orchestrate commands on Unix and Linux systems, typically by connecting over SSH or Telnet. It can also operate as a parser for CGI scripts on a web server that would typically be seen running on Apache.
"There are other shells out there for Unix variants, the thing about Bash though is that it's the default shell for Linux and Mac OS X which are obviously extremely prevalent operating systems," he wrote. "That's a major factor in why this risk is so significant -- the ubiquity of Bash -- and it's being described as one of the most installed utilities on any Linux system."
"The risk centers on the ability to arbitrarily define environment variables within a Bash shell which specify a function definition," Hunt wrote. "The trouble begins when Bash continues to process shell commands after the function definition resulting in what we'd classify as a code injection attack."
Shortly after the bug was disclosed yesterday, the first attempts by criminals to take advantage of the issue began.
"The most recent attempts we see to gain control of web servers just create a new instance of Bash and redirect it to a remote server listening on a specific TCP port. This is also known as a reverse-connect-shell," Kaspersky Lab's Stefan Ortloff wrote in a blog post today. "In another ongoing attack the criminals are using a specially crafted HTTP-request to exploit the Bash vulnerability in order to install a Linux-backdoor on the victim's server. We're detecting the malware and its variants as Backdoor.Linux.Gafgyt."
The activity by attackers has led the Internet Storm Center to raise the InfoCon status to Yellow.
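The request-screening wrapper Sprickerhoff suggests can be built directly on the mechanism Hunt describes, since CGI hands request headers to the shell as environment variables; the Python below is an added example, not code from the article or from anyone quoted in it. The function names, the constructed sample headers and the policy of rejecting any header value that begins with a function definition are assumptions made for this example.

```python
import re

# An exported Bash function reaches a child shell as an environment value that
# starts with "() {". CGI copies request headers into HTTP_* variables, so a
# header value with this shape has no legitimate use.
FUNC_DEF = re.compile(r"^\s*\(\s*\)\s*\{")


def classify(value):
    """Return 'clean', 'funcdef' or 'funcdef+trailing' for one header value."""
    match = FUNC_DEF.match(value)
    if not match:
        return "clean"
    depth = 1
    for pos in range(match.end(), len(value)):
        ch = value[pos]
        if ch == "{":
            depth += 1
        elif ch == "}":
            depth -= 1
            if depth == 0:
                # Text after the closing brace is what a vulnerable Bash
                # would go on to execute.
                trailing = value[pos + 1:].strip(" \t;")
                return "funcdef+trailing" if trailing else "funcdef"
    return "funcdef"  # unbalanced body: still suspicious


def screen_request(headers):
    """Return (allow, findings); any non-clean header value blocks the request."""
    findings = {name: classify(val) for name, val in headers.items()
                if classify(val) != "clean"}
    return (not findings, findings)


# Constructed sample requests (not captured traffic).
SAMPLES = [
    {"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5)", "Accept": "*/*"},
    {"User-Agent": "() { :; }; echo constructed-marker", "Accept": "*/*"},
    {"Referer": "() { ignored; }", "Cookie": "session=abc"},
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(screen_request(sample))
```

The brace matching is deliberately simple and does not understand shell quoting, which is why `screen_request` blocks on the function-definition prefix alone and uses the trailing-command result only for triage.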
