
[How To] Fix the Shellshock Bash vulnerability on Linux

A vulnerability in the Bash shell, known as Shellshock (CVE-2014-6271), was discovered on September 24th. It affects Linux/Unix based servers.

Overview

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. In short, any service that places untrusted input into an environment variable and then runs Bash (directly, or through a shell script or a program that spawns a shell) exposes this bug.

NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.

How to check if Bash is vulnerable?

To test whether your version of Bash is vulnerable to this issue, execute the following command:

env x='() { :;}; echo vulnerable' bash -c "echo Testing Bash"

If the output of the above command looks as follows (the injected echo runs before the intended command):

vulnerable
Testing Bash

then you are using a vulnerable version of Bash.

How to patch Bash?

For RedHat / CentOS / Fedora / other RPM based OS:

yum upgrade bash

or

yum upgrade

You may also refer to the RedHat and CentOS links.

For Ubuntu:

Refer to the link here.

How to verify if Bash is patched?

After patching Bash, execute the following command again:

env x='() { :;}; echo vulnerable' bash -c "echo Testing Bash"

If the output of the above command looks as follows, you are using a patched version of Bash (a patched Bash may also print a warning on stderr that it ignored the function definition attempt; that warning is expected and shows the fix is active):

Testing Bash
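The check-then-verify procedure above, wrapped in a small POSIX shell script so it can be run from a cron job or a configuration-management tool rather than by hand. This is an added example and not part of the original post; the function names and the list of bash paths it scans are assumptions.

```shell
# Classifies the output of the test command used in this post.
# Returns 0 for a patched bash (only "Testing Bash" printed),
# 1 when the injected "vulnerable" line leaked through.
shellshock_classify() {
  case "$1" in
    *vulnerable*) return 1 ;;
    *)            return 0 ;;
  esac
}

# Runs the env-based test against one bash binary (default: bash from PATH).
# Return codes: 0 patched, 1 vulnerable, 2 binary not found or not runnable.
shellshock_check() {
  bin="${1:-bash}"
  command -v "$bin" >/dev/null 2>&1 || { echo "skip: '$bin' not found"; return 2; }
  ver=$("$bin" -c 'printf %s "$BASH_VERSION"' 2>/dev/null) \
    || { echo "skip: cannot run '$bin'"; return 2; }
  # stderr is dropped: a patched bash warns that it ignored the function
  # definition attempt, and that warning must not count as "vulnerable".
  out=$(env x='() { :;}; echo vulnerable' "$bin" -c "echo Testing Bash" 2>/dev/null)
  if shellshock_classify "$out"; then
    echo "patched:    $bin ($ver)"
    return 0
  fi
  echo "VULNERABLE: $bin ($ver)"
  return 1
}

# A host may carry more than one bash (distro package plus a locally built
# copy), and "yum upgrade bash" only fixes the packaged one. Check every
# candidate path (assumed list) and return 1 if any of them is vulnerable.
shellshock_check_all() {
  bad=0
  for b in /bin/bash /usr/bin/bash /usr/local/bin/bash; do
    [ -x "$b" ] || continue
    rc=0
    shellshock_check "$b" || rc=$?
    if [ "$rc" -eq 1 ]; then bad=1; fi
  done
  return "$bad"
}

shellshock_check_all
```

Run it before and after `yum upgrade bash`; a non-zero exit status means at least one bash copy on the host still needs patching.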

That's all folks!
