Researchers on Thursday discovered a critical remotely exploitable vulnerability in the widely used command-line shell GNU Bourne Again Shell. The vulnerability affects most of the Linux distributions and servers worldwide. It may already have been exploited in the wild to take over Web servers as part of a botnet that is currently trying to infect other servers as well. There is as of yet no official patch that completely addresses both vulnerabilities, including the second, which allows an attacker to overwrite files on the targeted system. Oracle has also confirmed that over 32 of its products are affected by the “Shellshock” vulnerability.
Source: https://thehackernews.com/2014/09/Shellshock-Bash-Vulnerability-exploit.html