How to protect Debian from the Shellshock exploit

Shellshock is quite a serious security hole found a couple of days ago in Bash; to check whether your Debian server is vulnerable run the following in a terminal:

env VAR='() { :;}; echo Shellshock vulnerable!‘ bash -c “echo Bash Testing”

If your system is vulnerable, you will see:

Shellshock vulnerable!

Bash testing

If it is not vulnerable, you will see:

bash: warning: VAR: ignoring function definition attempt
bash: error importing function definition for `VAR’
Bash testing

If you are vulnerable, you can update bash by running the following:

sudo apt-get update && sudo apt-get install --only-upgrade bash

Once the update has finished, run the code to check your vulnerability again and it should be sorted.





Posted

in

, ,

by