A major flaw has been found in the BASH Shell for Linux,  CVE-2014-6271.  While in many cases this would require direct access to the system to take advantage of this flaw, if you have any CGI scripts on a website that are coded in BASH – your website may be in jeopardy.

All BASH versions from 3.0 to 4.3 have been patched be sure to apply the updates from your distribution.

National Vulnerability Database

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271

Red Hat
https://access.redhat.com/articles/1200223

Oracle Linux
http://linux.oracle.com/cve/CVE-2014-6271.html

Debian
https://www.debian.org/security/2014/dsa-3032

Ubuntu
http://www.ubuntu.com/usn/usn-2362-1/