Shellshock — Am I vulnerable and what do I do?

Shane Dowling
Sep 25, 2014 · 1 min read

Shellshock is the latest Heartbleed-level vulnerability to be discovered.
It's a long-standing flaw in how bash handles environment variables. It's a
good thing to fix ASAP, especially if you're running any old services
like telnet, ftp or an old version of Apache.

Is my server vulnerable?

Run this.

env x='() { :;}; echo vulnerable' bash -c 'echo test'

If you see

vulnerable
test

You should patch immediately.

However, if you see

test

You should be okay.
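
The probe above only exercises whichever bash is first on your PATH, so a host with more than one copy needs each binary checked separately. The script below is an added example, not part of the original post: it runs the same probe against each named binary. The function names and candidate paths are assumptions, and it tests only the case this article's probe covers.

```sh
#!/bin/sh
# Added example: run the article's probe against specific bash binaries.

# The article's probe prints "vulnerable" before "test" on an unpatched bash
# and only "test" on a patched one; anything else is treated as inconclusive.
classify_probe_output() {
    case "$1" in
        *vulnerable*) echo "vulnerable" ;;
        *test*)       echo "patched" ;;
        *)            echo "inconclusive" ;;
    esac
}

# Run the probe with an explicit binary path rather than a PATH lookup.
probe_bash() {
    local bin out
    bin="$1"
    if [ ! -x "$bin" ]; then
        echo "missing"
        return 0
    fi
    out=$(env x='() { :;}; echo vulnerable' "$bin" -c 'echo test' 2>/dev/null)
    classify_probe_output "$out"
}

# Report one line per binary; return non-zero if any of them is vulnerable.
audit_bash_binaries() {
    local bin status rc
    rc=0
    for bin in "$@"; do
        status=$(probe_bash "$bin")
        printf '%-24s %s\n' "$bin" "$status"
        if [ "$status" = "vulnerable" ]; then
            rc=1
        fi
    done
    return "$rc"
}

# Candidate paths are assumptions: common system locations plus the
# /usr/local/bin location used in the OSX steps of this post.
audit_bash_binaries /bin/bash /usr/bin/bash /usr/local/bin/bash \
    || echo "At least one bash binary still needs patching."
```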

How to fix?

Centos/RedHat

yum update bash

Debian/Ubuntu

sudo apt-get update && sudo apt-get install bash

OSX

Unless you're running OSX as a critical server somewhere remote, I'd hold
off on the solution for now and wait for Apple to distribute an update. If
you need to update:

  • Install homebrew

brew update

Then run

brew update bash

Backup your existing vulnerable bash

cp /usr/local/bin/bash /usr/local/bin/bash_old

Then symlink to the new brew installed bash

ln -sf /usr/local/Cellar/bash/4.3.25/bin/bash /usr/local/bin/bash

Finally reboot!

Keep an eye on these solutions as time goes on as I fear these patches might not solve the whole problem.
