When the CVE-2014-6271 and CVE-2014-7169 Bash Vulnerabilities (Shellshock) were discovered on September 24th, we knew we had to act fast in order to protect our customers. These vulnerabilities had the potential to negatively impact thousands of our customers, exposing their servers to dangerous activity. Once our Heroic Support® team sprang into action, we were able to automatically update the vast majority of our customers’ servers before they even knew the Bash exploit existed and, in the end, successfully protected all of our affected customers.
Bash, or the GNU Bourne-Again Shell, is a Unix command line shell run by default on most Linux servers. The Shellshock vulnerabilities discovered in Bash were particularly dangerous because they allowed for remote code execution and many other types of command-line based attacks. The fix for this exploit was a patch that we were able to proactively implement for most of our affected customers. We immediately updated mirrors to ensure that the CentOS patch for this vulnerability would install upon each server’s next scheduled update. As an additional precaution, we also proactively updated our ModSecurity rules according to the recommendations from Red Hat.
Some users, however, remained vulnerable dependent upon update settings or other unforeseen intervening factors. The few customers that could not be automatically updated due to outdated software on their server were notified immediately of the steps they should take to protect themselves. Through a series of email notifications, Knowledge Base articles and tutorials, as well as passive updates on our website, we were able to reach out to all of our customers and proactively update their servers.
If you are still in need of assistance with your server, or simply have more questions regarding the Bash Vulnerabilities, we can help. Check out our Knowledge Base tutorials or contact our Heroic Support® for more information.