Flurry of Scans Hint That Bash Vulnerability Could Already Be In the Wild

The recently disclosed bug in bash was bad enough as a theoretical exploit; now, reports Ars Technica, it could already be being used to launch real attacks. In a blog post yesterday, Robert Graham of Errata Security noted that someone is already using a massive Internet scan to locate vulnerable servers for attack. In a brief scan, he found over 3,000 servers that were vulnerable "just on port 80"—the Internet Protocol port used for normal Web Hypertext Transfer Protocol (HTTP) requests. And his scan broke after a short period, meaning that there could be vast numbers of other servers vulnerable. A Google search by Ars using advanced search parameters yielded over two billion web pages that at least partially fit the profile for the Shellshock exploit. More bad news: "[T]he initial fix for the issue still left Bash vulnerable to attack, according to a new US CERT National Vulnerability Database entry." And CNET is not the only one to say that Shellshock, which can affect Macs running OS X as well as Linux and Unix systems, could be worse than Heartbleed.

Re:I love it.

[jedidiah]

No.

On Linux we have bugs.

On Windows you still have rampant malware that's taking your data hostage.

Despite Lemming attempts to conflate every software bug with a Windows virus that does actual damage, it simply isn't so.

The strong technical merits are still there. Windows is still a festering cesspit. Legacy apps remain the only real reason to run WinDOS.