There has been a lot of panic in the press recently about a new vulnerability found in the Unix Bash shell that can allow an attacker to execute commands on a target machine. Shellshock, also known as Bashdoor, is a family of security bugs in the widely used Unix Bash shell, the first of which was disclosed on 24 September 2014. Many Internet processes, such as web servers, use Bash to process commands, allowing an attacker to cause vulnerable versions of Bash to execute arbitrary commands. This can allow an attacker to gain unauthorized access to a computer system.
The training company Pluralsight has released a short 15 minute video explaining how the vulnerability works with a good example. It’s well worth a watch just so you understand what is going on with it.