A critical vulnerability allows remote attackers to execute code on our computers.
Immediate patching of everything is recommended.
Some points:
- As bad as Heartbleed, some people say it is worse: severity 10/10.
- Has existed for 22 years, since 1992.
- Affects not only Unix, Linux, MacOS etc., but also Windows.
- Yes, I have checked with my Cygwin installation under Windows and the attack works!
- Checked under recent Linux Ubuntu x64 install, works!
- Could also affect bitcoin because it was built with MinGW, which is not exactly like Cygwin but may also be vulnerable.
There is a simple test to check if any given system is vulnerable:
From a command line, type the following line:
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
If the system is vulnerable, the output will be:
vulnerable
this is a test
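
A machine can have more than one bash binary installed, so the test above is worth repeating for each of them. The script below is an added example, not part of the original post: it runs the same test line against every bash listed in /etc/shells plus the one on PATH and reports a verdict per binary. The function names and the verdict words "patched", "unknown" and "missing" are this example's own.

```shell
#!/bin/sh
# Added example: applies the one-line test from the text to every bash binary found.

# Interpret the captured output of the test command.
classify_output() {
    case "$1" in
        vulnerable*)      echo vulnerable ;;  # the injected echo ran before the real command
        "this is a test") echo patched ;;     # only the intended command ran
        *)                echo unknown ;;     # the binary failed or printed something else
    esac
}

# Run the test against one binary, in an otherwise empty environment.
check_bash() {
    bin=$1
    if [ ! -x "$bin" ]; then
        echo missing
        return 0
    fi
    out=$(env -i x='() { :;}; echo vulnerable' "$bin" -c 'echo this is a test' 2>/dev/null) || true
    classify_output "$out"
}

# Candidate binaries: bash entries in /etc/shells plus the bash found on PATH.
list_bash_binaries() {
    {
        if [ -r /etc/shells ]; then grep -E '^/.*/bash$' /etc/shells || true; fi
        command -v bash || true
    } 2>/dev/null | sort -u
}

# Print "<path>: <verdict>" per binary; return 1 if any binary is vulnerable.
scan_host() {
    status=0
    for b in $(list_bash_binaries); do
        verdict=$(check_bash "$b")
        echo "$b: $verdict"
        if [ "$verdict" = vulnerable ]; then status=1; fi
    done
    return $status
}
```

Save it to a file, source it and run scan_host; a non-zero exit status means at least one binary still needs patching.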