A remotely exploitable vulnerability has been found in the BASH Shell. BASH is isntalled on almost all servers, so it is highly recommended that you update your servers as soon as possible. Bash updates are provided by the Linux Distributions. Debian and Centos have released updates already. The other Linux Distributions will most likely follow soon. Details: http://permalink.gmane.org/gmane.linux.debian.user.security.announce/3194 http://www.csoonline.com/article/26...ity/remote-exploit-in-bash-cve-2014-6271.html TEST your server: Code: test="() { echo Hello; }; echo hacked" bash -c "" Execute the command above on the shell, if it returns the word "hacked", then your shell is vulnerable.
So how do you easily update bash? apt-get update / apt-get upgrade do not give me any updates for my Debian OS. edit. I guess it's because I'm still on Debian 6.0.10 (squeeze)
Which Debian version do you use? I have updates for wheezy here with apt-get update / apt-get upgrade.
The updates for squeeze are not available yet. But I'am sure they will push them out trough the lts repository in the next few hours. just ensure that you have the lts repos enabled: http://www.howtoforge.com/how-to-get-lts-updates-for-debian-6-squeeze
On Ubuntu, a very easy and quick fix is the following: Code: apt-get update apt-get install --only-upgrade bash Of course a Code: apt-get dist-upgrade works too, but if you want to be extra quick and don't want to upgrade any other packages because of possible unwanted side-effects, the above way is an option. Tested it on my ubuntu 12.04 servers and Debian Wheezy.
Thanks for the information It should be noted that Jailkit jails might need to be updated as well (if no hardlinks were used). A quick'n'dirty (ready to be pasted) solution could be: Code: for bash in `find /var/www/clients/ -type f -name "bash" -uid 0`; do jail=`dirname $bash` jail=`dirname $jail` jk_update -d --jail $jail /bin/ done Not pretty, but works
I have a pair of Fedora 15? I think running ISPConfig 3 that I need to update. I am running the latest version that supported ISPConfig3, and it runs my DNS. Yum and Apt dont show any updates, so whats next? We also have a RH3 dinosaur out there that is in desperate need of patching. All the servers are behind firewalls, with restricted shell access to them, anything I can do on the firewalls to help block attempts?
