Monday, September 29, 2014

How to fix Shellshock (CVE-2014-6271 bash vulnerability)

PROBLEM:
You need to fix remote code execution through bash (Shellshock).

SOLUTION:

Ubuntu
sudo apt-get update && sudo apt-get install bash
See more details here

CentOS
sudo yum update bash
See more details here

Do I need to reboot or restart services after installing this update?
No, a reboot of your system or any of your services is not required. This vulnerability is in the initial import of the process environment from the kernel, which only happens when Bash is started. Once the update that fixes this issue is installed, newly started Bash processes will use the new code and will not be vulnerable. Conversely, processes that are already running will not be started again, so the vulnerability does not materialize in them.
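
To confirm that newly started Bash processes really use the fixed code, here is a local check, added as an example and not part of the original post. It starts each bash binary with the widely used harmless CVE-2014-6271 self-test variable and looks for a marker string; the function names, the variable name "probe" and the marker are assumptions made for this example.

```shell
#!/bin/sh
# Added example: local post-update check for CVE-2014-6271.
# A vulnerable bash runs the text that follows a function definition
# while importing the environment at startup; a fixed bash does not.

# Print vulnerable / patched / unknown / not-found for one bash binary.
# Return codes: 0 patched, 1 vulnerable, 2 not found, 3 unknown.
bash_cve_2014_6271_status() {
    bin="${1:-$(command -v bash)}"
    if [ -z "$bin" ] || [ ! -x "$bin" ]; then
        echo "not-found"
        return 2
    fi
    marker="CVE_2014_6271_MARKER"   # constructed marker, harmless echo only
    out=$(env "probe=() { :;}; echo $marker" "$bin" -c 'echo done' 2>/dev/null)
    case "$out" in
        *"$marker"*) echo "vulnerable"; return 1 ;;
        *done*)      echo "patched";    return 0 ;;
        *)           echo "unknown";    return 3 ;;
    esac
}

# Check the bash on PATH plus every bash listed in /etc/shells, because a
# second copy (for example one built from source) is not updated by
# apt-get or yum. Returns non-zero if any copy is not confirmed patched.
check_bash_binaries() {
    worst=0
    candidates=$( { command -v bash; grep -s '/bash$' /etc/shells; } | sort -u )
    for b in $candidates; do
        [ -x "$b" ] || continue
        s=$(bash_cve_2014_6271_status "$b") || worst=1
        echo "$b: $s"
    done
    return "$worst"
}
```

Run check_bash_binaries after the package update; every line should end in "patched".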

Shellshock vs. Heartbleed
Heartbleed allowed remote access to a small amount of data in the memory of affected machines. Shellshock enables pre-auth remote injection of arbitrary commands, which is potentially far more dire.
