Shellshock Spreads to Email


New evidence the dangerous Bash bug has made its way into SMTP.

A report at the SANS website has raised alarms that attackers have learned to exploit the dangerous Shellshock bug, which makes any system running an unpatched version of the Bash shell vulnerable to attack, through SMTP email services. The InfoSec Handlers Diary Blog states, “I’ve received serveral reports of what appears to be shellshock exploit attempts via SMTP. The sources so far have all been webhosting providers, so I’m assuming these are compromised systems.” The post shows an infected header.
According to the report, the payload is “… an IRC bot with simple DDoS commands and the ability to fetch and execute further code.”
Yet one more reason to PATCH YOUR SYSTEMS …


Related content

comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs

Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.

Learn More”>


		<div class=