Linux Bash critical bug fix method

Bash is a Unix shell written for the GNU program. : Bourne-again shell-This is a pun about the Bourne SHell (SH) (Bourne again/born Again). Bourne Shell is an early and important shell, written by Steve Burn around 1978, and released with version 7 Unix. Bash was created by Blaine Fox in 1987. In 1990, Chet Ramey became the main maintainer.

Where the shell is located in the Linux system:

650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/4C/8A/wKiom1Q_gXixhs7zAAEF2uc0B4A536.jpg "title=" The location of the Shell in Unix-and Unix-like systems "alt=" wkiom1q_gxixhs7zaaef2uc0b4a536.jpg "/>

Common Linux and UNIX operating system environments use shells with Bourne shell (SH), KornShell (ksh), C Shell (csh), Bourne-again Shell (bash), today's CentOS, The shell used in Rhel and Ubuntu systems is the Bourne-again shell (bash), and this time the flaw is bash.

Hackers will use this vulnerability to monitor the system, obtain system information, The vulnerability invokes a special environment variable created before the bash shell, which can contain code while being executed by bash. But this does not mean that, like other users on the network can get control of the computer, although the hacker exploited the vulnerability does not have control rights, but it is easy to leak computer-related information, so as to facilitate the hacker attack, so the vulnerability is still very dangerous. However, as long as it is a shell loophole, it is very dangerous. Shell as a bridge between human and computer communication, if this layer of bridge problems, the consequences imaginable.

If your bash version is below 4.3 It is recommended to fix the vulnerability.

Vulnerability Detection Method command:env x= ' () {:;}; echo vulnerable ' bash-c "echo this is a test"

If the command is executed, the output "This is a test" means that the presence of this vulnerability in bash will execute our echo statement.

Repair method:

centos| | RHEL:

Perform yum-y update bash

Ubuntu

14.04 64bit:

wget http://download.wx.51idc.com:8000/hotfix/bash_4.3-7ubuntu1.1_amd64.deb && dpkg-i bash_4.3-7ubuntu1.1_ Amd64.deb

14.04 32bit

wget http://download.wx.51idc.com:8000/hotfix/bash_4.3-7ubuntu1.1_i386.deb && dpkg-i bash_4.3-7ubuntu1.1_ I386.deb

12.04 64bit

wget http://download.wx.51idc.com:8000/hotfix/bash_4.2-2ubuntu2.2_amd64.deb && dpkg-i bash_4.2-2ubuntu2.2_ Amd64.deb

12.04 32bit

wget http://download.wx.51idc.com:8000/hotfix/bash_4.2-2ubuntu2.2_i386.deb && dpkg-i bash_4.2-2ubuntu2.2_ I386.deb

10.x64bit

wget http://download.wx.51idc.com:8000/hotfix/bash_4.1-2ubuntu3.1_amd64.deb && dpkg-i bash_4.1-2ubuntu3.1_ Amd64.deb

10.x32bit

wget http://download.wx.51idc.com:8000/hotfix/bash_4.1-2ubuntu3.1_i386.deb && dpkg-i bash_4.1-2ubuntu3.1_ I386.deb

//////////

Debian:

7.5 64bit && 32bit

Apt-get-y Install--only-upgrade Bash

6.0.x 64bit

wget http://download.wx.51idc.com:8000/hotfix/bash_4.1-3+deb6u1_amd64.deb && dpkg-i bash_4.1-3+deb6u1_ Amd64.deb

6.0.x 32bit

wget http://download.wx.51idc.com:8000/hotfix/bash_4.1-3+deb6u1_i386.deb && dpkg-i bash_4.1-3+deb6u1_ I386.deb

/////////

openSUSE

13.1 64bit

wget http://download.wx.51idc.com:8000/hotfix/bash-4.2-68.4.1.x86_64.rpm && RPM-UVH bash-4.2-68.4.1.x86_ 64.rpm

13.1 32bit

wget http://download.wx.51idc.com:8000/hotfix/bash-4.2-68.4.1.i586.rpm && RPM-UVH bash-4.2-68.4.1.i586.rpm

When the patch is repaired, bash makes an error when executing the appeal code, thus not executing the shell command in the code.

BASH:WARNING:X: Ignoring function definition attempt

Bash:error importing function definition for ' x '

Before the update, it is best to make a backup, if there is a problem, can be restored, do not affect the existing system services

Linux Bash critical bug fix method