[How To] Fix the Shell Shock Bash vulnerability on Linux
A vulnerability called Shell Shock (CVE-2014-6271) was discovered on September 24th in the Bash shell on Linux/Unix based servers.
Overview
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.
NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.
How to check if Bash is vulnerable?
To test if your version of Bash is vulnerable to this issue, execute the following command:
env x='() { :;}; echo vulnerable' bash -c "echo Testing Bash"
If the output of the above command looks as follows:
vulnerable
Testing Bash
then you are using a vulnerable version of Bash: the word "vulnerable" is printed because Bash executed the code that follows the function definition stored in the environment variable x.
How to patch Bash?
For RedHat / CentOS / Fedora / RPM based OS:
yum upgrade bash
or
yum upgrade
You may also refer to the RedHat and CentOS links.
For Ubuntu:
Refer to the link here.
How to verify if Bash is patched?
After patching Bash, execute the following command:
env x='() { :;}; echo vulnerable' bash -c "echo Testing Bash"
If the output of the above command looks as follows, then you are using a patched version of Bash:
Testing Bash
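The check and the post-patch verification above are the same probe run before and after the upgrade. As an added example (not part of the original post), the script below wraps that probe in a POSIX sh audit function that captures the output and classifies it, so it can be run on many hosts and the result compared rather than eyeballed; the function names and the "missing" status for hosts without a bash binary are my own choices.

```shell
#!/bin/sh
# Added example: audit script for the CVE-2014-6271 probe shown above.
# Function names are hypothetical; the probe command itself is the one
# from the page.

# Classify the captured output of the probe given as $1.
# Prints "vulnerable" if the injected "echo vulnerable" ran, "patched"
# otherwise (a patched Bash prints only "Testing Bash", possibly with
# "ignoring function definition attempt" warnings on stderr).
classify_shellshock_output() {
    case "$1" in
        *vulnerable*) echo "vulnerable" ;;
        *)            echo "patched" ;;
    esac
}

# Run the probe against the bash binary given in $1 (default: bash in
# PATH). The function body in the environment variable is the harmless
# no-op ":"; only the trailing "echo vulnerable" tells us whether Bash
# executed code after the function definition. stderr is captured too
# so warnings from a patched Bash do not leak to the terminal.
probe_shellshock() {
    bash_bin="${1:-bash}"
    command -v "$bash_bin" >/dev/null 2>&1 || { echo "missing"; return 1; }
    out="$(env x='() { :;}; echo vulnerable' "$bash_bin" -c 'echo Testing Bash' 2>&1)"
    classify_shellshock_output "$out"
}

# One-line report; exit status is 0 only when the binary is patched,
# so the script can be used from cron or a configuration check.
shellshock_audit() {
    result="$(probe_shellshock "$1")"
    echo "$(command -v "${1:-bash}" || echo "${1:-bash}"): $result"
    [ "$result" = "patched" ]
}

# Stand-alone usage: audit the bash in PATH (or the path given as $1).
shellshock_audit "$@" || rc=$?
echo "audit exit status: ${rc:-0}"
```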
That's all folks!