Bash “Shellshock” Bug – Quick Vulnerability Test and Patch

  By Scott 2014-09-25

This is not meant as a comprehensive guide to the Bash “shell shock” bug, but as a quick reference to test and patch for the vulnerability.

First, test your version of Bash with this line:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If you get the world “vulnerable” in your output then you need to update Bash:

vulnerable
this is a test

If your output contains errors followed by “this is a test”, then your Bash version is not vulnerable:

bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test

Check to see if your distribution has an updated/fixed version of Bash available in its repository.

I’m a heavy CentOS user, and I can verify that there is a fixed version available for both CentOS 5 and 6.

This is all you technically need:

yum update bash

It’s always recommended to fully update your system, but if you’re purposefully running “legacy” or deprecated versions of software then it can be advantageous (or necessary) to manually update Bash at minimum right now.

Shellshock

About Scott

I'm a computer guy with a new house and a love of DIY projects. I like ranting, and long drives on your lawn. I don't post everything I do, but when I do, I post it here. Maybe.
Tagged  , .
Bookmark the permalink.

Leave a Reply