[How To] Fix Shell Shock Bash vulnerability Linux

A vulnerability Shell Shock CVE-2014-6271) was discovered on September 24th, in the Bash shell on Linux/Unix based servers.

Overview

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the
values of environment variables, which allows remote attackers to write to files or possibly have unknown other
impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in
OpenSSH sshd, the mod_cgi & mod_cgid modules in the Apache HTTP Server, scripts executed by
unspecified DHCP clients, & other situations in which setting the environment occurs across a privilege
boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for
CVE-2014-6271.

How to check if Bash is vulnerable?

To test if your version of Bash is vulnerable to this issue, execute the following command:

 env x='() { :;}; echo vulnerable' bash -c "echo Testing Bash"

If the output of the above command looks as follows:

vulnerable
Testing Bash

then you are using a vulnerable version of Bash.

How to patch Bash?

For RedHat/CentOS/Fedora/RPM based OS:

yum upgrade bash

or

yum upgrade

You may also refer RedHat and CentOS  links.

For Ubuntu:

Refer the link here

How to verify if Bash is patched?

After patching Bash, execute following command

 env x='() { :;}; echo vulnerable' bash -c "echo Testing Bash"

If the output of the above command looks as follows:

Testing Bash

then you are using a patched version of Bash.

Share on Facebook3
Share on Google+3Tweet about this on TwitterShare on StumbleUpon1Share on LinkedIn1Share on Tumblr0Digg thisPin on Pinterest0Share on Reddit0Email this to someonePrint this page
A vulnerability Shell Shock CVE-2014-6271) was discovered on September 24th, in the Bash shell on Linux/Unix based servers. Overview GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi & mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, & other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE:…

Review Overview

User Rating: 4.9 ( 1 votes)

About Abhijit Sandhan

Abhijit Sandhan
Loves Linux, Blogging, Traveling, Hiking and sharing knowledge!

Leave a Reply

Your email address will not be published. Required fields are marked *

CAPTCHA