Bash vulnerability (Shellshock/Bashdoor)
Recently it has been found the vulnerability that was given two names at once Shellshock and Bashdoor. According to Internet sources Shellshock theoretically can allow an attacker to take control of the system. To resolve this vulnerability, we recommend you to upgrade to the latest version of bash on your Linux VPS. You can upgrade your operation system to the latest version, which will also update bash. You can update bash the following way:The solution of the problem CVE-2014-6271 for Redhat\CentosYou need to connect to the server via SSH and run the following commands: yum update bash
yum update bash-4.1.2-15.el6_5.1 Then you must reboot the system. The solution of the problem CVE-2014-6271 for Debian\UbuntuYou need to connect to the server via SSH and check the bash package version. To do it run the following command: dpkg -s bash | grep Version
Then update the bash version: sudo apt-get update && sudo apt-get install bash
Also, you can check the invulnerability of bash version by using the command in the console: env X="() { :;} ; echo Bash is vulnerable" bash -c "echo Bash is OK"
In case it shows "Bash is OK" - it means that updating went successfully, in case of "Bash is vulnerable" - the bash is still vulnerable. To update the operation system:CentOSYou need to connect to the server via SSH and run the following command: yum update
Then you must reboot the system. Debian\UbuntuYou need to connect to the server via SSH and run the following commands: sudo apt-get update
sudo apt-get upgrade Then you must reboot the system. Versions that are vulnerable:Red Hat bash distributions: The distributions that contain vulnerable bash: Red Hat Enterprise Linux 7 Also all versions of CentOS beginning with the 4th are vulnerable. In case you have any questions - please, contuct us at [email protected] Looking for a Linux VPS? Check our offers for European and USA VPS hosting with different types of virtualization. |