A critical vulnerability has been discovered within ‘bash’, a core component of most Linux and UNIX distributions, including Mac OS X and embedded systems. Administrators are urged to patch immediately.
This vulnerability allows attackers to compromise systems remotely, including systems used as web servers. The flaw allows an attacker to remotely attach a malicious variable that is executed when ‘bash’ is invoked.
Refer to: Bourne-Again Shell (Bash) Remote Code Execution Vulnerability(external link)
Refer to: GNU Bourne-Again Shell (Bash) ‘Shellshock’ Vulnerability(external link)