According to an alert dated September 25th from the United States Computer Readiness Team (US-CERT), the Bash Shellshock bug (CVE-2014-6271) is a security flaw that affects UNIX, Linux, BSD, OS X and other UNIX derivatives. The flaw affects a commonly used, free software system called Bash that has been around since 1989. Many web servers use Bash to process certain commands, allowing an attacker to cause vulnerable versions of Bash to execute arbitrary commands. This permits hackers to take control of a vulnerable machine, steal data, shut down networks and cause other problems.
“Although bTrade products cannot be exploited by the Bash Shellshock security flaw, the systems on which they have been deployed might be”, commented, Clifton Gonsalves, VP of Engineering for bTrade. “We believe that the target of this vulnerability would be the public facing web servers and any other systems which may process user inputs, both directly and indirectly. We highly recommend that our customers get their operating systems patched as soon as possible”.
bTrade develops managed file transfer technology solutions for enterprises that share sensitive data across applications and organizations, and face complex security and compliance mandates. Thousands of customers depend on bTrade solutions to gain control and oversight of the movement of critical corporate data to facilitate data growth, reduce security risk, and improve IT and business efficiency. bTrade was founded in 1990 and is led by eBusiness visionaries who have delivered industry-leading business integration solutions to thousands of enterprise customers worldwide. bTrade is privately held and profitable with its global headquarters located in Glendale, California USA.