How to protect your CentOS server from the Shellshock exploit

Shellshock is quite a serious security hole found a couple of days ago in Bash; to check whether your CentOS server is vulnerable run the following in a terminal:

env VAR='() { :;}; echo Shellshock vulnerable!' bash -c "echo Bash Testing"

If your system is vulnerable, you will see:

Shellshock vulnerable!

Bash testing

If it is not vulnerable, you will see:

bash: warning: VAR: ignoring function definition attempt
bash: error importing function definition for `VAR’
Bash testing

If you are vulnerable, you can update bash by running the following:

sudo yum update bash

Once the update has finished, run the code to check your vulnerability again and it should be sorted.





Posted

in

, ,

by