Revision as of 19:51, 25 September 2014 edit Qwertyus (talk \| contribs) Extended confirmed users 31,640 edits m Qwertyus moved page ShellShock to Shellshock (software bug): no StudlyCaps in sources ← Previous edit		Revision as of 19:54, 25 September 2014 edit undo Qwertyus (talk \| contribs) Extended confirmed users 31,640 edits name not given by RH; intro for the general public Next edit →
Line 1: {{current event\|date=September 2014}} A'''Shellshock''' is the name of a serious security vulnerability in [[Bash (Unix shell)\|BASH]], ~~was~~a ~~publicly~~command ~~disclosed~~interpreter onused 24by ~~September~~many ~~2014~~[[web server]]s running [[Apache HTTP Server\|Apache]] and/or [[Secure Shell\|SSH]]. The vulnerability, ~~which~~was ~~has~~publicly ~~been~~disclosed ~~named~~on ~~''Shellshock''~~24 bySeptember ~~its~~2014 ~~discoverer,~~by Huzaifa Sidhpurwala of [[Red Hat]].<ref>{{Cite web \| author = Huzaifa Sidhpurwala \| title = Bash specially-crafted environment variables code injection attack Line 6: \| url = https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/ \| date = 2014-09-24 }}</ref> ~~}}</ref>~~It has been added to the United States [[National Vulnerability Database]] with identifier CVE-2014-7169.<ref name=NIST> {{cite web \|url=http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7169

Shellshock (software bug): Difference between revisions