Bash remote arbitrary code execution Security Vulnerability (most serious vulnerability)

Bash remote arbitrary code execution Security Vulnerability (most serious vulnerability)

US-CERT is aware that Bash has a security vulnerability that directly affects Unix-based systems (such as Linux and OS X ). This vulnerability causes remote attackers to execute arbitrary code on the affected system.

US-CERT recommends that users and administrators review this RedHat security blog. For more details, refer to the corresponding Linux publisher to obtain the corresponding patch.

You can use the following command to check whether the system has this vulnerability:

Env x = '() {:;}; echo vulnerable' bash-c "echo this is a test"

Affected systems include:

• CentOS

• Debian

• Redhat

• Ubuntu

Red Hat system can solve this problem by updating bash and restarting the system:

# Yum update bash

Or:

# Yum update bash-4.1.2-15.el6_5.1

This operation only updates the bash package and requires a system restart to take effect.

Ubuntu users can install patches through the following command without restarting:

Apt-get update
Apt-get install bash

Gitlab-shell is affected by Bash CVE-2014-6271 Vulnerability

Linux security vulnerability exposure Bash is more serious than heartbleed

This article permanently updates the link address: