"A newly discovered security bug in a widely used piece of Linux software, known as "Bash," could pose a bigger threat to computer users than the "Heartbleed" bug that surfaced in April, cyber experts warned on Wednesday. Bash is the software used to control the command prompt on many Linux computers. Hackers can exploit a bug in Bash to take complete control of a targeted system, security experts said. The Department of Homeland Security's United States Computer Emergency Readiness Team, or US-CERT, issued an alert saying the vulnerability affected Unix-based operating systems including Linux and Apple Inc's Mac OS X"
http://www.nbcnews.com/tech/security/new-bash-bug-could-pose-bigger-threat-heartbleed-n211006Bug? This has actually been known by myself since 98-99, and I found it online!! Along with how to create a root account on a unix system, using 98se. I should run an ftp server for those wishing to contribute to server costs lol, just to give access to a pentesters exploits..
Maybe you mean this one from 1999:
http://www.cvedetails.com/cve/CVE-1999-0491/The currently found bug is much worse:
http://www.cvedetails.com/cve/CVE-2014-6271/"GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. "
