Very true. To be clear to other readers, busybox is more common in smaller embedded devices, though today's AlienVault blog post [1] showed that Mitel VoIP systems (which use Debian/ARM, if I recall) use bash and are vulnerable.

[1] http://www.alienvault.com/open-threat-exchange/blog/attacker...