How to Protect your Server Against the Shellshock Bash Vulnerability

    ## Table of Contents

    - [Introduction](#introduction)
    - [Check System Vulnerability](#check-system-vulnerability)
    - [APT GET: Ubuntu/Debian](#apt-get-ubuntu-debian)
    - [End of Life: Ubuntu/Debian Releases](#end-of-life-ubuntu-debian-releases)
    - [YUM: CentOS/Red Hat/Fedora](#yum-centos-red-hat-fedora)
    - [End of Life: CentOS/Red Hat/Fedora Releases](#end-of-life-centos-red-hat-fedora-releases)
    - [Conclusion](#conclusion)

    ## Introduction

    Shellshock, also known as the Bash Bug, is a software bug that can allow an attacker to gain unauthorized access to a computer system. Bash is a command language interpreter that is widely used on Linux and Unix operating systems, and the vulnerability potentially affects any computer running Bash. If exploited, it could allow an attacker to gain control over a targeted computer. Exploitable systems include the following.

    - Apache HTTP servers that use Common Gateway Interface (CGI) scripts.
    - Dynamic Host Configuration Protocol (DHCP) clients.
    - OpenSSH (Secure Shell) servers that use the `ForceCommand` option.
    - Network-exposed services that use Bash.

    The Shellshock vulnerability is widespread and particularly easy to exploit, so it is highly recommended that affected systems be updated to fix the vulnerability as soon as possible. In this guide, we will show you how to test whether your machines are vulnerable and, if they are, how to update Bash to remove the vulnerability.

    ## Check System Vulnerability

    On any system that runs Bash, you can check for the vulnerability by running the following command at a Bash prompt.

    ```
    env 'VAR=() { :;}; echo Bash is vulnerable!' 'FUNCTION()=() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"
    ```

    Here, the `echo Bash is vulnerable!` part of the command represents where a remote attacker could inject malicious code. If you see the following output, your Bash is vulnerable and should be updated.

    Bash is vulnerable!

    If the output from the test command is only the `Bash Test` line that the command itself echoes, your Bash is safe from Shellshock.
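
The test above exercises only whichever `bash` is found first on `PATH`. As an added example (not part of the original guide), the script below applies the same probe to every `bash` binary on `PATH` or listed in `/etc/shells`; the function names and the `--scan` flag are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not from the original guide): apply the guide's Shellshock
# probe to every bash binary on the host. Function names are illustrative.

# check_bash BINARY: prints "vulnerable", "safe" or "error"; returns 1, 0 or 2.
check_bash() {
    bin=$1
    [ -x "$bin" ] || { echo "error"; return 2; }
    # Same probe as the guide: two crafted environment variables, then a
    # harmless command. Only stdout is inspected; warnings that patched
    # builds may write to stderr are discarded.
    out=$(env 'VAR=() { :;}; echo Bash is vulnerable!' \
              'FUNCTION()=() { :;}; echo Bash is vulnerable!' \
              "$bin" -c "echo Bash Test" 2>/dev/null) || true
    if printf '%s\n' "$out" | grep -qxF 'Bash is vulnerable!'; then
        echo "vulnerable"; return 1
    elif printf '%s\n' "$out" | grep -qxF 'Bash Test'; then
        echo "safe"; return 0
    fi
    echo "error"; return 2
}

# find_bash_binaries: every "bash" on PATH plus bash entries in /etc/shells.
find_bash_binaries() {
    {
        printf '%s\n' "$PATH" | tr ':' '\n' | while read -r dir; do
            [ -x "$dir/bash" ] && echo "$dir/bash"
        done
        [ -r /etc/shells ] && grep '/bash$' /etc/shells
    } | sort -u
}

# scan_all: report each binary; return non-zero if any is vulnerable.
scan_all() {
    rc=0
    for bin in $(find_bash_binaries); do
        result=$(check_bash "$bin") || true
        echo "$bin: $result"
        [ "$result" = "vulnerable" ] && rc=1
    done
    return $rc
}

# Run the scan only when asked, e.g. `sh shellshock_scan.sh --scan`.
if [ "${1:-}" = "--scan" ]; then scan_all; fi
```

A Bash that was installed outside the package manager is not touched by the package updates described below, so rerun the scan after updating to confirm every listed binary reports `safe`.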

    ## Fix Vulnerability: Update Bash

    Fix the vulnerability by using your distribution's default package manager to update Bash. The sections below cover Ubuntu, Debian, CentOS, Red Hat, and Fedora.

    ## APT GET: Ubuntu/Debian

    Update Bash to the latest version on Ubuntu or Debian with apt-get, using the following command.

    ```
    sudo apt-get update && sudo apt-get install --only-upgrade bash
    ```

    Recheck system vulnerability by running the following command.

    ```
    env 'VAR=() { :;}; echo Bash is vulnerable!' 'FUNCTION()=() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"
    ```

    ## End of Life: Ubuntu/Debian Releases

    If you are running a release of Ubuntu/Debian that is considered end of life, you will have to upgrade to a supported release before you can use the package manager to update Bash. Upgrade to a new release by using the following command.

    ```
    sudo do-release-upgrade
    ```

    Ensure that you update Bash after the upgrade is complete.

    ## YUM: CentOS/Red Hat/Fedora

    Update Bash to the latest version on CentOS / Red Hat / Fedora with yum, using the following command.

    ```
    sudo yum update bash
    ```

    Recheck system vulnerability by running the following command.

    ```
    env 'VAR=() { :;}; echo Bash is vulnerable!' 'FUNCTION()=() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"
    ```

    ## End of Life: CentOS/Red Hat/Fedora Releases

    If you are running a release of CentOS / Red Hat / Fedora that is considered end of life, you will have to upgrade to a supported release before you can use the package manager to update Bash. Upgrade to a new release by using the following command.

    ```
    sudo yum update
    ```

    Ensure that you update Bash after the upgrade is complete.

    ## Conclusion

    Update all of your servers to the latest version of Bash.