Wednesday, 13 September 2017

How To Fix Shell Shock Bash Vulnerability in Linux

The Shell Shock vulnerability was discovered in September 2014 in the Bash shell on Linux-based servers. It is also known as CVE-2014-6271.

Overview of this Vulnerability

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi & mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, & other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.

How to check if Bash is vulnerable?

To test if your version of Bash is vulnerable execute the following command:

env x='() { :;}; echo vulnerable' bash -c "echo Testing Bash"

If the output of the above command looks as follows:

vulnerable
Testing Bash

then you are using a vulnerable version of Bash. A patched Bash does not print the "vulnerable" line.
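
The same check wrapped in a script that runs it against each bash binary it finds and reports path, version and result. This is an added example, not part of the original post; the function names, the candidate paths and the marker string are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: run the page's CVE-2014-6271 test against each bash binary.
# Function names, candidate paths and the marker are assumptions for illustration.

MARKER="SHELLSHOCK_TEST_MARKER"   # constructed string, stands in for "vulnerable"

# classify_output MARKER OUTPUT
# The marker is only printed if bash executed the text that trails the
# function definition while importing the environment variable.
classify_output() {
    case "$2" in
        *"$1"*)           echo "vulnerable" ;;
        *"Testing Bash"*) echo "not-vulnerable" ;;
        *)                echo "inconclusive" ;;   # bash did not run the command
    esac
}

# check_bash PATH: prints vulnerable | not-vulnerable | inconclusive | missing
check_bash() {
    [ -x "$1" ] || { echo "missing"; return 0; }
    # stderr is dropped: some patched builds warn about the ignored definition.
    out=$(env x="() { :;}; echo $MARKER" "$1" -c 'echo Testing Bash' 2>/dev/null) || true
    classify_output "$MARKER" "$out"
}

# Report path, version and result for every bash found in the usual places.
# The same binary can be listed twice when one path is a symlink to another.
scan_bash_binaries() {
    for bin in /bin/bash /usr/bin/bash /usr/local/bin/bash "$(command -v bash 2>/dev/null)"; do
        [ -n "$bin" ] && [ -x "$bin" ] || continue
        ver=$("$bin" -c 'echo "$BASH_VERSION"' 2>/dev/null) || ver="unknown"
        printf '%s\t%s\t%s\n' "$bin" "$ver" "$(check_bash "$bin")"
    done
}

scan_bash_binaries
```

A "not-vulnerable" result only covers the CVE-2014-6271 test shown above; the follow-up issue quoted in the overview is not exercised by this command.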

How to patch Bash?

For RedHat/CentOS/Fedora/RPM based OS:

yum upgrade bash
