fbpx

Shellshock

One of the most commonly installed utilities on a Linux system, Bourne Again Shell(Bash), was vulnerable to a serious Remote Code Execution vulnerability. These vulnerabilities were documented as CVE-2014-6271 and CVE-2014-7169. This allowed an attacker with the ability to execute code on a remote server giving them an ability to possibly compromise the entire server. Unlike the Heartbleed vulnerability, the attacker does leave traces of performing the exploit in the apache logs.

Although this vulnerability is very wide spread, it mainly affects web servers that have CGI scripts setup. This also affects bash scripts that call environment variables, network dispatcher scripts, and git hooks. If you do not have any of these then there is nothing to be concerned about as the vulnerability does not affect you. If you have CGI scripts and would like to check if the vulnerability has been exploited on your server, feel free to contact us to check your apache logs. As soon as this vulnerability was disclosed, we were already in the process of patching the servers and currently all servers have the latest patch regarding the shellshock vulnerability.

Check Apache logs:

grep ‘() { :;};’ /var/log/httpd/name_of_access_log

Read More:

https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/

We don't mean to brag but...

These are some of our statistics:

0
Avg Response Time
0%
Server Uptime
0%
Issues Fixed
0
Trees Planted

What Our Customers
Have To Say

About three years ago we were looking for a new server provider, the problem that we were having was we are not “server guys” and we had over 400 clients to take care of. So anytime we tried to get support we had to submit a ticket, try to explain what was going on, and then pray that the response was in some form that we could understand.

After the on-boarding with Green Olive Tree, they told us that we had twice as much server than we needed and they were not set up right. Thank goodness we have found someone that really looked at what we want to do and gave us real actionable advice. It is safe to say that we have found our server company, and now we can focus on growing out business and not have to worry about the reliability of our support.

Thanks again Green Olive Tree, You Guys Rock!

John Owens

Green Olive Tree has been an invaluable resource to my company allowing me to focus more on my business instead of the management of servers. In the five years I have done business with GOT I have had zero downtime. Knowing that everything is being kept up-to-date and they are proactively patching system flaws gives me peace of mind that I didn’t have before finding Green Olive Tree. Jon has always made himself available when I’ve needed advice or help on upgrading servers or software and I can’t imagine ever going back to managing a server without GOT.

Chris Smith

Green Olive Tree has been very good to us. Jon has helped us scale from 200,000 unique’s visitors a day to over 3 million per day. From 1 server to now 14 on a well-structured load balanced failsafe system. Not only that he has managed to reduce our server resources 3 fold by installing the right kind of software so we’re getting more power out of each server for the same price. He always responds very quickly and stays up at all kinds of crazy hours to help us out, the man never sleeps! I guess that’s why he was a Navy Chief, he brings that discipline into his work and that’s what we love.

Anthony Lipari

Call us today at (800) 269-6465
We can help, contact us today.

Copyright © Green Olive Tree

/* LinkedIn Tag */