Scan for ShellShock with Acunetix Web Vulnerability Scanner

ShellShock, dubbed the BIG BUG of 2014, is causing a huge stir in the IT community, with researchers still getting to grips with the damage caused. Also referred to as the BASH Bug, this vulnerability has been assigned the highest CVSS score of 10, a score that not even the notorious HeartBleed achieved. The high score is more than warranted since this Bourne-again Shell vulnerability is very easy to exploit allowing pretty much any script kiddie to take control of a vulnerable server and execute arbitrary code. Acunetix Web Vulnerability Scanner (WVS) has already been updated to identify web servers vulnerable to ShellShock while Acunetix Online Vulnerability Scanner (OVS) has been updated to detect ShellShock on perimeter servers. Users of the most recent Acunetix Web Vulnerability Scanner (WVS) version will be prompted to install an update next time they start Acunetix WVS. Older version users with upgrade entitlement can also get the latest build of Acunetix WVS by downloading it from here and installing it over the current system (backup recommended).

If you don’t have Acunetix, Alliance offers the Acunetix licensing and Acunetix training.