MELANI rates it as a serious threat, but SWITCH can give assurance that its systems are not affected by the Shellshock security loophole.
Following on from Heartbleed, the press is now reporting on a new security loophole called Shellshock. This is a vulnerability that can occur on Linux/UNIX servers in a software component known as the Bourne Again Shell or Bash for short (CVE 2014-6271, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277). The Swiss Reporting and Analysis Centre for Information Assurance MELANI rates Shellshock as a serious threat.
SWITCH took the necessary precautions as soon as the loophole was made public. Its systems have been secure and stable at all times. With new loopholes being found in Bash on regular basis, we are keeping a close eye on developments and patching our systems wherever necessary.
Security loopholes in systems are nothing new, but the general public is becoming increasingly aware of them.