With the excitement of public details of a remotely exploitable vulnerability in bash (CVE-2014-6271) coming to light today, we decided it was as good of time as any to finally launch Volexity’s blog. We have a lot of exciting announcements and posts coming, but for now we turn our attention to bash. Today’s announcement and release of related patches may ultimately unleash something that rivals HeartBleed. While that still remains to be seen, the time for action from system administrators is now. Are You Vulnerable? If you haven’t patched today, then the answer is most likely yes. However, double checking if this is the case is rather simple. If you want to find out if your version of bash is vulnerable to exploitation, you can use a script that Redhat posted earlier today and quickly check. $ env x='() { :;}; echo vulnerable’ bash -c “echo this is a test” […]