Shellshock is the media-friendly name for a security bug found in Bash, a command shell program commonly used on Linux and UNIX systems.
The bug is what’s known as a Remote Code Execution vulnerability, or RCE.
This means that someone who isn’t already logged on to your computer might be able to trick Bash into running a program that it wasn’t supposed to.
Officially, the bug is documented as CVE-2014-6271 and CVE-2014-7169.
Related articles
- What you need to know about Sophos and the Bash “Shellshock” vulnerability (community.spiceworks.com)
- A breakdown of the Bash “Shellshock” vulnerability (community.spiceworks.com)
- Bash “Shellshock” vulnerability – what you need to know (nakedsecurity.sophos.com)