Arduino (1) Bugs (3) C (1) Install (3) Linux (25) Maths (1) Python (11) Raspberry Pi (4)

Wednesday, 29 June 2016

Are you vulnerable to the bash bug?

The Bash bug or shell shock as it is also known, is a bug in the bash shell. It allows code to be remotely executed on your server. This could lead to malicious code being installed to your server and it no longer being your server.(CVE-2014-6271)

How to test if you are vulnerable:
First you will need to open a terminal on your server/PC.
You now need to enter this command:
env x='() { :;}; echo this text should not be seen' bash -c 'echo This text should be seen'
If you get the message "this text should not be seen" then you are vulnerable.

How to patch this vulnerability:
To patch this vulnerability we need to update bash.
This is a simple task that can be solved in a few commands.

Debian systems patch:
Run these commands.
sudo apt-get update
sudo apt-get install bash

Fedora systems patch:
Run these commands.  
sudo yum update -y bash

You have now updated your bash shell and will no longer be vulnerable.