To all IT Professionals:

 

We have a pretty serious vulnerability for Operating Systems that use Bash, please see the notice below:

 

********************************************************************************

 

US-CERT is aware of a Bash vulnerability affecting Unix-based operating systems such as Linux and Mac OS X. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code on an affected system.

US-CERT recommends users and administrators review the Redhat Security Blog (link is external) for additional details and to refer to their respective Linux or Unix-based OS vendor(s) for an appropriate patch. A GNU Bash patch is also available for experienced users and administrators to implement.

 

Operating systems with updates include:

 

    CentOS

    Debian

    Redhat (link is external)

    Ubuntu (link is external)

 

Link to full Article:

 

https://www.us-cert.gov/ncas/current-activity/2014/09/24/Bourne-Again-Shell-Bash-Remote-Code-Execution-Vulnerability

 

**********************************************************************************

 

 

Most Linux based operating systems have a fix available, please patch ASAP. The UNL ITS Security Team will keep you up to date when a fix becomes available for Mac OSX.

 

 

Mike

 

 

Michael Rutt | Sr. Security Analyst | [log in to unmask] | 402-472-0933