
Fix Shell Sh Bash Vulnerability in Linux

A vulnerability named Shellshock was discovered in September 2014 in the Bash shell on Linux-based servers. It is also known as CVE-2014-6271.



Overview of this Vulnerability


GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.





How to check if Bash is vulnerable?


To test if your version of Bash is vulnerable, execute the following command:

 env x='() { :;}; echo vulnerable' bash -c "echo Testing Bash"

If the output of the above command looks as follows:

vulnerable
Testing Bash

then you are using a vulnerable version of Bash.

How to patch Bash?

For RedHat/CentOS/Fedora/RPM-based OS:

yum upgrade bash
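
To confirm the result for every shell binary on a host, before and after the upgrade, the test command above can be wrapped in a small script. This is an added example, not part of the original post; the function names and the list of candidate paths are assumptions.

```shell
#!/bin/sh
# Added example: wraps the page's Shellshock probe so it can be run per binary.
# Function names and the candidate path list are assumptions for illustration.

# Classify captured probe output.
classify_output() {
    case $1 in
        vulnerable*)      echo vulnerable ;;      # trailing command was executed
        *"Testing Bash"*) echo not-vulnerable ;;  # only the requested command ran
        *)                echo unknown ;;         # shell failed or printed nothing
    esac
}

# Run the probe against one shell binary and print its classification.
check_bash() {
    shell_path=$1
    if [ ! -x "$shell_path" ]; then
        echo missing
        return 0
    fi
    # Same probe as the page: x carries a function definition plus a trailing echo.
    out=$(env x='() { :;}; echo vulnerable' "$shell_path" -c 'echo Testing Bash' 2>/dev/null) || true
    classify_output "$out"
}

# Report on each candidate path; /bin/sh is included because it may link to bash.
scan_shells() {
    for candidate in /bin/bash /usr/bin/bash /usr/local/bin/bash /bin/sh; do
        printf '%s: %s\n' "$candidate" "$(check_bash "$candidate")"
    done
}

scan_shells
```

After `yum upgrade bash`, every installed path should report not-vulnerable.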
