As you may or may not be aware, a new GNU bash exploit has been disclosed by the name of ShellShock, (CVE-2014-6271). This affects the VPS hosting clients running Linux.
What can ShellShock be used for?
ShellShock makes your servers vulnerable to remote attacks from attackers without you in the knowledge. The most common attack is attackers writing CGI to remotely perform commands on a vulnerable target.
Am I vulnerable?
You can easily check if you are vulnerable to a attack. To do so, enter the following command in your shell.
env ‘VAR=() ; echo Bash is vulnerable!’ ‘FUNCTION()=() ; echo Bash is vulnerable!’ bash -c “echo Bash Test” .
If the code reports Bash is vulnerable!, you are vulnerable.
How can I protect my Shell?
Luckily, a patch has been released and is avaliable to upgrade. You can upgrade your BASH by following the below commands.
sudo yum update bash -y
sudo apt-get update && sudo apt-get install –only-upgrade bash
[root@xxx ~]# yum update bash -y
Loaded plugins: fastestmirror, protectbase, replace
Determining fastest mirrors
* base: mirrors.einstein.yu.edu
* updates: distro.ibiblio.org
* addons: mirror.thelinuxfix.com
* extras: mirrors.tummy.com
lxcenter-updates | 2.5 kB 00:00
kbs-CentOS-Extras | 1.9 kB 00:00
lxcenter-extra | 951 B 00:00
base | 1.1 kB 00:00
primary.xml.gz | 996 kB 00:01
updates | 1.9 kB 00:00
primary.sqlite.bz2 | 32 kB 00:00
addons | 1.9 kB 00:00
kbs-CentOS-Testing | 1.9 kB 00:00
extras | 2.1 kB 00:00
0 packages excluded due to repository protections
Setting up Update Process
There are unfinished transactions remaining. You mightconsider running yum-compl
ete-transaction first to finish them.
--> Running transaction check
---> Package bash.i386 0:3.2-33.el5_11.4 set to be updated
--> Finished Dependency Resolution
Package Arch Version Repository Size
bash i386 3.2-33.el5_11.4 updates 1.8 M
Install 0 Package(s)
Update 1 Package(s)
Remove 0 Package(s)
Total download size: 1.8 M
bash-3.2-33.el5_11.4.i386.rpm | 1.8 MB 00:03
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Updating : bash [1/2]
Cleanup : bash [2/2]
Updated: bash.i386 0:3.2-33.el5_11.4