We would like to inform you about a major vulnerability detected in Bash (Linux/Unix shell interpreter) vulnerability is described in CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187 security bulletins and known as Shellshock in media.
Information has recently been published about the vulnerability in Linux versions 2.6.31-rc3 – 3.15-rc5, allowing the system local users to escalate privileges root. Security vulnerability is found in all popular Linux distributions. Newly released updates fix security vulnerability in ubuntu, debian. CentOS version 6.4 and older is not succeptable to this vulnerability. For the other distributions updates are expected in the nearest future. Ifyou manage the serveryourself, but youneed assistance, our support team is ready to assistyou in updating thesystemwith the paid hourly management. If your equipment is managed by our technicians , you will not need to worry – we will handle everything for you.
The OpenSSL Project staff released security bulletin CVE-2014-0160, which states about the critical vulnerability in the popular cryptographic library OpenSSL. Vulnerability is related to the lack of adequate bounds check in one of the procedures of expanding Heartbeat (RFC6520) protocol for TLS / DTLS. Because of this little error of one programmer anyone gets direct access to the RAM of computers whose communication is “protected” by the vulnerable version of OpenSSL.