How to protect Ubuntu against the Shellshock exploit

Shellshock is quite a serious security hole found a couple of days ago in Bash; to check whether your Ubuntu server is vulnerable run the following in a terminal:

 

env VAR='() { :;}; echo Shellshock vulnerable!‘ bash -c “echo Bash Testing”

 

If your system is vulnerable, you will see:

 

Shellshock vulnerable!

Bash testing

 

If it is not vulnerable, you will see:

 

bash: warning: VAR: ignoring function definition attempt
bash: error importing function definition for `VAR’
Bash testing

 

If you are vulnerable, you can update bash by running the following:

sudo apt-get update && sudo apt-get install --only-upgrade bash

 

Once the update has finished, run the code to check your vulnerability again and it should be sorted. NOTE! Only the currently-supported versions of Ubuntu will get the bash update – if you are running anything older (e.g. 13.04, 13.10 or anything older that isn’t a still-supported LTS release) you will need to update your Ubuntu install to have the above work.


Posted

in

, ,

by