Shellshock (CVE-2014-6271)

Hi all, Hot on the heels of the Heartbleed bug is a new vulnerability dubbed 'Shellshock'. It is a weakness with the well-known 'nix shell called 'Bash' - and apparently has been around for a while. The bug allows the processing of additional shell commands after a function definition - this means that someone can add extra commands to the end of an existing legitimate one, and there's a chance that it will get executed. The Online Operations Team has taken all necessary steps to apply the recommended fixes to the systems and will be closely monitoring the situation. There is also additional updates from Esri Inc.
Read More