
How to test for and patch the “Shellshock” Bash bug on Linux & Mac OS X

You are trying to check for and patch the Shellshock Bash bug vulnerability on Linux & Mac OS X systems.

Solution

Credit to: Mitchell Anicas @ www.digitalocean.com

https://www.digitalocean.com/community/tutorials/how-to-protect-your-server-against-the-shellshock-bash-vulnerability

The Shellshock Bash bug is a vulnerability that affects Linux, BSD, and Mac OS X systems. Unpatched Bash versions 1.14 to 4.3 are affected. The vulnerability can be exploited on systems that run services or applications that allow unauthorized remote users to assign Bash environment variables.

Some examples of exploitable systems are as follows:

  • Apache HTTP Servers that use CGI scripts (via mod_cgi and mod_cgid) that are written in Bash or launch Bash subshells
  • Certain DHCP clients
  • OpenSSH servers that use the ForceCommand capability
  • Various network-exposed services that use Bash

Check System Vulnerability

Run the following command in a Bash prompt in order to check for vulnerability:

env 'VAR=() { :;}; echo Bash is vulnerable!' 'FUNCTION()=() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"

If the following output is displayed then the system is vulnerable to the bug:

Bash is vulnerable!
Bash Test

If the only thing that is output from the test command is the following, your Bash is safe from Shellshock:

Bash Test
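A system can have more than one Bash binary installed, and only the one first in the PATH is exercised by the command above. The script below is an added example, not part of the original tutorial: it wraps the same test so it can be run against each Bash binary and re-run after patching. The function names, the marker string, and the list of candidate paths are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: runs the page's Shellshock test against specific bash binaries.
# MARKER and the candidate paths at the bottom are illustrative assumptions.
MARKER="SHELLSHOCK_CHECK_$$"

# check_shellshock PATH
# returns 0 = not vulnerable, 1 = vulnerable, 2 = missing or inconclusive
check_shellshock() {
    target=$1
    [ -x "$target" ] || return 2
    # Same two probes as the test command above; the only side effect is
    # echoing a marker string if the binary executes the trailing command.
    out=$(env "VAR=() { :;}; echo $MARKER" \
              "FUNCTION()=() { :;}; echo $MARKER" \
              "$target" -c "echo Bash Test" 2>/dev/null)
    case $out in
        *"$MARKER"*)   return 1 ;;  # marker printed: still vulnerable
        *"Bash Test"*) return 0 ;;  # only the expected line: patched
        *)             return 2 ;;  # binary did not run the test at all
    esac
}

# report_all PATH...
# prints one line per binary; exit status is the number of vulnerable binaries
report_all() {
    vulnerable=0
    for bin in "$@"; do
        check_shellshock "$bin"
        case $? in
            0) echo "OK            $bin" ;;
            1) echo "VULNERABLE    $bin"; vulnerable=$((vulnerable + 1)) ;;
            *) echo "not checked   $bin" ;;
        esac
    done
    return "$vulnerable"
}

# Common install locations (assumed; adjust for your systems).
report_all /bin/bash /usr/bin/bash /usr/local/bin/bash /opt/local/bin/bash || true
```

Any path reported as VULNERABLE was not replaced by the package update (for example a Bash built from source under /usr/local) and must be updated or removed separately.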

How to Update Linux Releases & Mac OS X
APT-GET: Ubuntu / Debian
For currently supported versions of Ubuntu or Debian, update Bash to the latest version available via apt-get:

sudo apt-get update && sudo apt-get install --only-upgrade bash

End of Life Ubuntu / Debian Releases
If you are running a release of Ubuntu / Debian that has reached end of life, you will have to upgrade to a supported release before you can use the package manager to update Bash. The following command can be used to upgrade to a new release (it is recommended that you back up your server and important data first, in case you run into any issues):

sudo do-release-upgrade

After the upgrade is complete, ensure that you update Bash.

YUM: CentOS / Red Hat / Fedora
Update Bash to the latest version available via yum:

sudo yum update bash

End of Life CentOS / Red Hat / Fedora Releases
If you are running a release of CentOS / Red Hat / Fedora that has reached end of life, you will have to upgrade to a supported release before you can use the package manager to update Bash. The following command can be used to upgrade to a new release (it is recommended that you back up your server and important data first, in case you run into any issues):

sudo yum update

After the upgrade is complete, ensure that you update Bash.

Mac OS X

Apple has released software updates to patch OS X Lion, Mountain Lion, and Mavericks. Yosemite will include the patched code by default. The software updates require OS X versions 10.7.5, 10.8.5, and 10.9.5, respectively.

 
