Vulnerability

Bash is one of the most used shells on Unix based systems. The newly discovered “shellshock” vulnerability affects millions of systems. The weakness abuses an internal check when Bash gets a variable declaration. By defining this variable and putting more “stuff” (commands) in it, Bash will actually execute those commands as well. Unfortunately this results in several possible ways to exploit it by attackers. Websites One way this vulnerability scan be exploited, is by embedding it in HTTP requests.

There are several open source vulnerability scanners for Linux, like OpenVAS. While tools like these are powerful as well, we will have a look at Lynis, our auditing tool to detect vulnerabilities of Linux and Unix systems. Why is it different than others and how can it help you in securing your systems? Vulnerabilities Every piece of software will have sooner or later a vulnerability, a minor or major weakness which can be abused by evildoers.