Earlier last week, a security vulnerability codenamed "Shellshock" which affects many Unix-based computer systems was discovered. This is a critical security vulnerability and could allow an attacker to take control over a vulnerable system.

Shellshock can be used to remotely take control over any system that uses Bash.
Bash (Bourne Again Shell) is a command line on many Unix servers.

NiNet customers are safe and secure

• There is no need to panic: you are and have always been secure.
• As soon as this vulnerability was discovered we patched all of our servers and systems.
• We do understand that new attack vectors and repercussions are being reported on web and Shellshock’s lifecycle can be long. Our security team is dedicatedly keeping track of various security lists, and applying the latest available patches. Every patch is thoroughly tested before we patch our production systems.
• We are increasing our system and accessing monitoring to be proactive against any new attack vectors.
• We will continue to conduct our regular security audits and penetration tests of all our systems.

NiNet customers who are managing their own servers

It is strongly recommended for our users to update the Bash components on their servers.

Here is a really good technical article detailing Shellshock and the issues.

Example for CentOS

yum update bash

Example Debian/Ubuntu

apt-get update
apt-get install --only-upgrade bash

NiNet Company
Support Team