How to Protect your Server Against the Shellshock Bash Vulnerability

Introduction

Shellshock, also known as Bash Bug, is a software bug that can allow an attacker to gain unauthorized access to a computer system. Bash is a command language interpreter that is widely used on Linux and Unix operating systems, so the vulnerability potentially affects any computer running Bash. If exploited, it could allow an attacker to gain control over the targeted computer. Systems that can be exploited include the following:

Apache HTTP servers that use Common Gateway Interface (CGI) scripts.
Dynamic Host Configuration Protocol (DHCP) clients.
OpenSSH (Secure Shell) servers that use the ForceCommand option.
Network-exposed services that use Bash.

The Shellshock vulnerability is widespread and particularly easy to exploit, so it is highly recommended that affected systems be updated to fix the vulnerability as soon as possible. In this guide, we will show you how to test whether your machines are vulnerable and, if they are, how to update Bash to remove the vulnerability.

Check System Vulnerability

On systems that run Bash, you can check whether the system is vulnerable by running the following command at a Bash prompt.

env 'VAR=() { :;}; echo Bash is vulnerable!' 'FUNCTION()=() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"

Here the echo Bash is vulnerable! command stands in for the place where a remote attacker could inject malicious code. If your Bash is vulnerable and should be updated, the test prints the following output:

Bash is vulnerable!

If the output from the test command is the following, your Bash is safe from Shellshock:

Bash Test
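To run the same check from a script (for example across many hosts) and get a machine-readable answer, here is an added example that is not part of the original guide: a POSIX shell wrapper that runs both probe variants from the command above and reports vulnerable, safe, or no-bash. The marker string and the HTTP_USER_AGENT variable name are constructed for the example; the variable name mirrors how a CGI handler receives request headers, which is why the guide lists Apache CGI among exposed services.

```shell
#!/bin/sh
# Added example (not from the original guide): scriptable Shellshock check.
# MARKER is a constructed token; a vulnerable bash echoes it while importing
# the crafted variable, a patched bash never does.
MARKER="SHELLSHOCK_PROBE_MARKER"

# Run one probe. $1 = environment variable name, $2 = "plain" or "funcname"
# (the two variants used in the guide's test command).
# Returns 0 if the trailing command executed (vulnerable), 1 if it did not
# (safe), 2 if bash could not be started at all.
shellshock_probe() {
    var="$1"
    case "$2" in
        funcname) var="${var}()" ;;
    esac
    # The value looks like an exported function followed by an extra command.
    out=$(env "${var}=() { :;}; echo $MARKER" bash -c 'true' 2>/dev/null) || return 2
    case "$out" in
        *"$MARKER"*) return 0 ;;
        *)           return 1 ;;
    esac
}

# Overall verdict: "vulnerable" if any probe fires, "safe" if every probe ran
# cleanly, "no-bash" if bash is not installed. HTTP_USER_AGENT is included
# because CGI handlers hand request headers to the script as environment
# variables of exactly that form.
shellshock_status() {
    saw_bash=0
    for name in VAR HTTP_USER_AGENT; do
        for style in plain funcname; do
            if shellshock_probe "$name" "$style"; then
                echo vulnerable
                return 0
            elif [ $? -eq 1 ]; then
                saw_bash=1
            fi
        done
    done
    if [ "$saw_bash" -eq 1 ]; then echo safe; else echo no-bash; fi
}

shellshock_status
```

On a patched system the script prints safe; a non-zero exit from shellshock_probe on every variant is what you want to see after the updates described below.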

Fix the Vulnerability: Update Bash

Fix the vulnerability by using the system's default package manager to update Bash. The sections below cover updating Bash on Ubuntu, Debian, CentOS, Red Hat and Fedora.

APT-GET: Ubuntu/Debian

Update Bash to the latest version on Ubuntu or Debian with apt-get using the following command.

sudo apt-get update && sudo apt-get install --only-upgrade bash

Recheck system vulnerability by running the following command.

env 'VAR=() { :;}; echo Bash is vulnerable!' 'FUNCTION()=() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"

End of Life: Ubuntu/Debian Releases

If you are running a release of Ubuntu/Debian that has reached end-of-life status, you will have to upgrade to a supported version before the package manager can update Bash. Upgrade to a new release by using the following command.

sudo do-release-upgrade

Ensure that you update Bash after the upgrade is complete.

YUM: CentOS/Red Hat/Fedora

Update Bash to the latest version on CentOS / Red Hat / Fedora with yum using the following command.

sudo yum update bash

Recheck system vulnerability by running the following command.

env 'VAR=() { :;}; echo Bash is vulnerable!' 'FUNCTION()=() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"

End of Life: CentOS/Red Hat/Fedora Releases

If you are running a release of CentOS / Red Hat / Fedora that has reached end-of-life status, you will have to upgrade to a supported version before the package manager can update Bash. Upgrade to a new release by using the following command.

sudo yum update

Ensure that you update Bash after the upgrade is complete.

Conclusion

Update all of your servers to the latest version of Bash.