Sep25

Bash Critical Vulnerability – Check Now!

There has been a critical vulnerability found in Bash. The vulnerability affects Linux/Unix distributions that use or have Bash installed.

For additional information on this vulnerability please click here. 

We advise all our clients to keep their servers & software updated constantly to make sure their servers are at minimal risk of potential vulnerabilities. For this particular vulnerability we recommend reading the following links and taking action as soon as possible:

https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/

https://access.redhat.com/articles/1200223

To test if your version of Bash is vulnerable, run the following command:

$ env x='() { :;}; echo vulnerable’ bash -c “echo this is a test”

If the output of the above command looks as follows:

vulnerable
this is a test

You are using a vulnerable version of Bash. The patch used to fix this issue ensures that no code is allowed after the end of a Bash function.

If you run the above example with the patched version of Bash, you should get an output verifying you are not vulnerable:

$ env x='() { :;}; echo vulnerable’ bash -c “echo this is a test”
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x’
this is a test

Please contact our support team on support@uk2.net if you would like any help in applying the patch or have further questions about this vulnerability.

This article was brought to you by VI.net, for dedicated server hosting, cloud servers and 24/7 support visit our site here www.vi.net

No Comments

Comments are closed.

Stop blending in with the rest of the crowd and start leaving your mark on the web