Thursday, September 25, 2014

Shell Shock Vulnerability: How to test and patch your Debian and Ubuntu machines from the "Shell Shock" vulnerability

'Shell Shock' is a very new vulnerability that has just come to light and it seems like it might be a pretty bad.  One of my co-workers just told me about this.

Luckily the fix is pretty start forward:


$  sudo apt-get update;sudo apt-get install bash
If your system is vulnerable, the following command will print out 'vulnerable'

$  env var='() { ignore this;}; echo vulnerable' bash -c /bin/true
After you have patched your system, the same test will provide different output:

$ env var='() { ignore this;}; echo vulnerable' bash -c /bin/true
bash: warning: var: ignoring function definition attempt
bash: error importing function definition for `var'


Happy patching!



http://ubuntuforums.org/showthread.php?t=2245631

http://seclists.org/oss-sec/2014/q3/650

No comments: