The cyber war is making companies spend a huge fortune in getting security to protect their corporate data. Understanding the various virus and threats is the task of all IT managers and web developers so they can brace themselves against threats to operating systems and cyber threats.
Shellshock is regarded as a bigger threat than heartbleed and it poses a security threat to Linux and Unix systems. The problem has emanated from two security holes in a graphical user interface found on both systems from specific vendors such as IBM, Sun Microsystems and Hewlett-Packard. This will allow an offender to launch a denial of service attack or wipeout files or overwrite files with a different data on affected systems.
ToolTalk is a system that allows applications to talk to each other across a variety of platforms and systems. The ToolTalk database server manages the communication between applications and this is where the two security holes have been identified. When the corporate network uses a web server and all nodes are connected to utilize Internet, the offenders can even launch a distributed denial of service (DDoS) attack. This spells havoc for large-scale digital companies, small-scale web hosts and all Internet connected devices. The flaw is 25 years old and was never detected or fixed. Malicious code can be easily executed through the Command Prompt on PC or Mac terminals to take over the operating system and gain access to corporate data. After gaining access to the system, the offenders can easily steal or delete data or third party information such as credit card information.
Big corporations that are using products from the above vendors are advised to take caution and get Distributed Denial of Service (DDoS) protection from a reliable company. Such companies are able to mitigate the attack in session and restore service for users to prevent damage to sales and company image.
Shellshock allows an attacker to affect the system and to delete or alter files. Under an attack, the Tooltalk RPC data base does not validate file operation properly. After access is gained to a database, any file can be deleted.
Products vulnerable to the ToolTalk flaws include:
- Caldera International’s Open Unix and UnixWare
- Hewlett-Packard’s Tru64, HP-UX 10.10, 10.20, 11.00 and 11.11
- IBM AIX 4.3.3 and 5.1.0
- Sun Solaris 2.5.1, 2.6, 7, 8 and 9
Currently, vendors are busy readying patches for the above operating systems, so users can obtain fixes fast.