On September 24 multiple Linux vendors began disclosing details about a vulnerability (CVE-2014-6271 and CVE-2014-7169) in the commonly used Bourne Again Shell (Bash). Dubbed "Shellshock," the vulnerability poses a potential threat in most Linux and Unix distributions. In the simplest of terms, exploitation of this vulnerability may allow a remote attacker to execute arbitrary code on an affected system.
Upon learning of this new security vulnerability, we immediately began assessing the potential threat in regard to Redtail's infrastructure and determined that none of our systems were currently vulnerable. That said we did proceed with applying the recommended patch for this vulnerability to any of our servers that had the potential to be affected by this threat in the future.
Rest assured we take all threats of this nature seriously and we will continue to monitor ongoing updates concerning Shellshock and react accordingly should additional action be required on our end.