Linux Bash severe vulnerability emergency repair solution, bash severe vulnerability

Source: Internet
Author: User
Tags aliyun


A security vulnerability in Bash was disclosed today. It directly affects Unix-based systems (such as Linux and OS X) and allows remote attackers to execute arbitrary code on an affected system.


[Software and systems confirmed to be exploitable]
All Linux operating systems with GNU bash version 4.3 or earlier installed.
 
[Vulnerability description]
This vulnerability is caused by specially crafted environment variables that are created before the bash shell is invoked. These variables can contain code, which bash executes when it starts.

[Vulnerability Detection Method]
Vulnerability detection command:
$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
vulnerable
this is a test
If the output matches the above, the system is vulnerable and you must install a security patch immediately.


[Recommended repair solution]

Note: Applying the fix has no other impact on the system.

Select the repair command for your Linux distribution and version:

CentOS:
yum -y update bash

Ubuntu:
14.04 64bit
wget http://mirrors.aliyun.com/fix_stuff/bash_4.3-7ubuntu1.1_amd64.deb && dpkg -i bash_4.3-7ubuntu1.1_amd64.deb

14.04 32bit
wget http://mirrors.aliyun.com/fix_stuff/bash_4.3-7ubuntu1.1_i386.deb && dpkg -i bash_4.3-7ubuntu1.1_i386.deb

12.04 64bit
wget http://mirrors.aliyun.com/fix_stuff/bash_4.2-2ubuntu2.2_amd64.deb && dpkg -i bash_4.2-2ubuntu2.2_amd64.deb

12.04 32bit
wget http://mirrors.aliyun.com/fix_stuff/bash_4.2-2ubuntu2.2_i386.deb && dpkg -i bash_4.2-2ubuntu2.2_i386.deb

10.x 64bit
wget http://mirrors.aliyun.com/fix_stuff/bash_4.1-2ubuntu3.1_amd64.deb && dpkg -i bash_4.1-2ubuntu3.1_amd64.deb

10.x 32bit
wget http://mirrors.aliyun.com/fix_stuff/bash_4.1-2ubuntu3.1_i386.deb && dpkg -i bash_4.1-2ubuntu3.1_i386.deb

Debian:
7.5 64bit & 32bit
apt-get -y install --only-upgrade bash

6.0.x 64bit
wget http://mirrors.aliyun.com/debian/pool/main/b/bash/bash_4.1-3%2bdeb6u1_amd64.deb && dpkg -i bash_4.1-3+deb6u1_amd64.deb

6.0.x 32bit
wget http://mirrors.aliyun.com/debian/pool/main/b/bash/bash_4.1-3%2bdeb6u1_i386.deb && dpkg -i bash_4.1-3+deb6u1_i386.deb

openSUSE:
13.1 64bit
wget http://mirrors.aliyun.com/fix_stuff/bash-4.2-68.4.1.x86_64.rpm && rpm -Uvh bash-4.2-68.4.1.x86_64.rpm

13.1 32bit
wget http://mirrors.aliyun.com/fix_stuff/bash-4.2-68.4.1.i586.rpm && rpm -Uvh bash-4.2-68.4.1.i586.rpm

Aliyun Linux:
5.x 64bit
wget http://mirrors.aliyun.com/centos/5/updates/x86_64/RPMS/bash-3.2-33.el5.1.x86_64.rpm && rpm -Uvh bash-3.2-33.el5.1.x86_64.rpm

5.x 32bit
wget http://mirrors.aliyun.com/centos/5/updates/i386/RPMS/bash-3.2-33.el5.1.i386.rpm && rpm -Uvh bash-3.2-33.el5.1.i386.rpm


[Patch completion test]
After bash has been upgraded, run the following test:
$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test


If the output matches the above, the vulnerability has been fixed.
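
The detection and post-patch checks above can be scripted so the result is an exit code rather than something read off the terminal. This is an added example, not part of the original page; the function names check_bash and check_all are hypothetical, and classification relies only on the "vulnerable" marker that the page's test command prints.

```shell
#!/bin/sh
# Added example: wraps the page's detection command for scripted use.

# check_bash PATH
# Prints vulnerable | patched | missing | unknown.
# Returns 0 = patched, 1 = vulnerable, 2 = missing, 3 = unknown.
check_bash() {
    shell_path=$1
    [ -x "$shell_path" ] || { echo missing; return 2; }
    # Same probe as the page: a function definition followed by a trailing
    # command, placed in environment variable x. stderr is discarded because
    # patched builds print their warnings there.
    out=$(env x='() { :;}; echo vulnerable' "$shell_path" -c 'echo this is a test' 2>/dev/null) || true
    case $out in
        *vulnerable*)       echo vulnerable; return 1 ;;
        *"this is a test"*) echo patched;    return 0 ;;
        *)                  echo unknown;    return 3 ;;
    esac
}

# check_all
# Probes every bash listed in /etc/shells plus the one found on PATH, so a
# second copy left behind in another prefix is not missed after the upgrade.
# Returns non-zero if any copy is not reported as patched.
check_all() {
    status=0
    candidates=$( { grep -E '/bash$' /etc/shells 2>/dev/null || true
                    command -v bash || true; } | sort -u )
    for b in $candidates; do
        result=$(check_bash "$b") || status=1
        version=$("$b" --version 2>/dev/null | head -n 1)
        printf '%s: %s (%s)\n' "$b" "$result" "$version"
    done
    return $status
}

# Run the full check only when asked, e.g.: sh check_bash.sh --all
if [ "${1:-}" = "--all" ]; then
    check_all
fi
```

Running check_all before and after the package upgrade shows whether every installed copy of bash was replaced.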
Linux bash vulnerability affects CentOS

It is said that this vulnerability is very serious, and the details are unknown. The default shell of CentOS is bash, and it is estimated that it is hard to escape.
