GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.
On each system that runs Bash, you can check for the Shellshock vulnerability by running the following command at the bash prompt. If the output contains "Bash is vulnerable!", that Bash needs to be upgraded.
Commands:
env 'VAR=() { :;}; echo Bash is vulnerable!' 'FUNCTION()=() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"
Ubuntu / Debian
sudo apt-get update && sudo apt-get install --only-upgrade bash
Or for CentOS / Red Hat / Fedora
sudo yum update bash
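A host can carry more than one Bash binary (for example a locally built copy next to the distribution package), so it is worth re-running the check against each of them after upgrading. The script below is an added example, not part of the original post: it wraps the same probe shown above, and the function names and the use of /etc/shells to find binaries are assumptions.

```sh
#!/bin/sh
# Added example: run the page's Shellshock probe against each bash binary found.
MARKER='Bash is vulnerable!'   # string echoed by the crafted variables

# classify_output TEXT -> vulnerable | patched | unusable
classify_output() {
    case "$1" in
        *"$MARKER"*)   echo vulnerable ;;  # trailing command was executed
        *'Bash Test'*) echo patched ;;     # only the requested command ran
        *)             echo unusable ;;    # binary did not run at all
    esac
}

# probe_bash PATH -> verdict for one binary, using the same two variables
probe_bash() {
    [ -x "$1" ] || { echo unusable; return 0; }
    probe_out=$(env "VAR=() { :;}; echo $MARKER" \
                    "FUNCTION()=() { :;}; echo $MARKER" \
                    "$1" -c 'echo Bash Test' 2>/dev/null) || true
    classify_output "$probe_out"
}

# Assumption: candidates are bash on PATH plus bash entries in /etc/shells.
list_bash_binaries() {
    {
        command -v bash
        if [ -r /etc/shells ]; then grep -E '^/.*/bash$' /etc/shells; fi
    } 2>/dev/null | sort -u
}

# scan_all -> prints one verdict per binary; returns 1 if any is vulnerable
scan_all() {
    scan_rc=0
    scan_bins=$(list_bash_binaries)
    while IFS= read -r scan_bin; do
        [ -n "$scan_bin" ] || continue
        scan_verdict=$(probe_bash "$scan_bin")
        printf '%-10s %s\n' "$scan_verdict" "$scan_bin"
        if [ "$scan_verdict" = vulnerable ]; then scan_rc=1; fi
    done <<EOF
$scan_bins
EOF
    return "$scan_rc"
}

scan_all
```

The script exits non-zero when any binary still prints the marker, so it can be dropped into a patch-verification job.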
Links for more info:
http://web.nvd.nist.gov/view/vuln/det...
http://web.nvd.nist.gov/view/vuln/det...
https://access.redhat.com/security/cv...
https://access.redhat.com/security/cv...
Test your websites:
http://shellshock.brandonpotter.com/