Hello Linux Geeksters. As you may know, a critical Bash vulnerability has been recently discovered, being referred by some as “Shellshock“.
Via this exploit, attackers can gain control of systems remote and execute malicious code. Technically, the systems that allow SSH access from remote connections or web servers that run server site scripting are in danger.
Attackers are able to launch malicious code on the server, locally or via OpenSSH by sending infected web request by setting headers in a web request, or by setting weird mime types.
How to test if your bash version is vulnerable:
This Bash critical issue has been discovered by the Red Hat developers, who have also posted a test command for you to see if your bash at risk or not. Open a terminal and launch the below command:
$ env x='() { :;}; echo vulnerable' bash -c "system"
If your system is vulnerable, you will get an output like this:
vulnerable
system
A healthy bath will display the below output:
$ env x='() { :;}; echo vulnerable' bash -c "echo system" bash: warning: x: ignoring function definition attempt bash: error importing function definition for `x' this is a test
system
Despite the fact that the developers of the main Linux systems have created an update patch, it is still incomplete, so we have to install a new and unaffected version of bash, from sources.
In this article I will show you you how to fix the shellshock vulnerability on Ubuntu 14.10 Utopic Unicorn, Ubuntu 14.04 Trusty Tahr, Ubuntu 12.04 Precise Pangolin, Linux Mint 17 Qiana, Linux Mint 13 Maya, Pinguy OS 14.04, Elementary OS 0.3 Freya, Elementary OS 0.2 Luna, Deepin 2014, Peppermint Five, LXLE 14.04, Linux Lite 2.0, Debian Jessie, Debian Wheezy, Debian Sid, Fedora 21, Fedora 20 and Fedora 19 systems.
Debian Sid provides an unaffected version of bash, so all you have to do is:
$ sudo apt-get update
$ sudo apt-get install bash
For Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04, Debian Jessie, Debian Wheezy and derivatives, we will use the bash version of Debian Sid:
$ wget http://ftp.debian.org/debian/pool/main/b/bash/bash_4.3-9.1_$(dpkg --print-architecture).deb
$ sudo dpkg -i bash_4.3-9.1_*.deb
Also, the Fedora Project provides bash packages for the latest Fedora systems:
For Fedora 21:
$ wget http://kojipkgs.fedoraproject.org/packages/bash/4.3.25/2.fc21/src/bash-4.3.25-2.fc21.src.rpm
$ sudo yum install bash-4.3.25-2.fc21.src.rpm
For Fedora 20:
$ wget https://kojipkgs.fedoraproject.org//packages/bash/4.2.47/2.fc20/src/bash-4.2.47-2.fc20.src.rpm
$ sudo yum install bash-4.2.47-2.fc20.src.rpm
For Fedora 19:
$ wget https://kojipkgs.fedoraproject.org//packages/bash/4.2.47/2.fc19/src/bash-4.2.47-2.fc19.src.rpm
$ sudo yum install bash-4.2.47-2.fc19.src.rpm