Linux Bash Critical Vulnerability Emergency Repair solution

Source: Internet
Author: User
Tags aliyun

Recommendation: 10 Technical Masterpiece: "High-performance Linux server construction combat Ⅱ" full-network distribution, with probation chapters and the book instance source download!

A bash security vulnerability has just erupted today, and Bash has a security vulnerability that directly affects UNIX-based systems such as Linux, OS X, and so on. The vulnerability could cause a remote attacker to execute arbitrary code on the affected system.


"software and systems identified for successful use" 
all Linux operating systems installed with GNU Bash version less than or equal to 4.3.
 
"Vulnerability description"  
the vulnerability stems from the special environment variables created before the bash shell that you invoke, which can contain code and be executed by bash.

"Vulnerability Detection method" 
Vulnerability Detection command: $env x= ' () {:;}; Echo vulnerable ' bash-c "echo this is a test"
Vulnerable
This is a test
if it appears as above, then, unfortunately, you must immediately fix the security patch.


"Recommended patching Scenarios"

Special Note: This fix will not have any effect.

Select the commands you need to fix according to the Linux version:

CentOS:
yum-y Update Bash
 
Ubuntu:
14.04 64bit
wget http://mirrors.aliyun.com/fix_stuff/bash_4.3-7ubuntu1.1_amd64.deb && dpkg-i bash_4.3-7ubuntu1.1_ Amd64.deb
 
14.04 32bit
wget http://mirrors.aliyun.com/fix_stuff/bash_4.3-7ubuntu1.1_i386.deb && dpkg-i bash_4.3-7ubuntu1.1_ I386.deb
 
 
12.04 64bit
wget http://mirrors.aliyun.com/fix_stuff/bash_4.2-2ubuntu2.2_amd64.deb && dpkg-i bash_4.2-2ubuntu2.2_ Amd64.deb
 
12.04 32bit
wget http://mirrors.aliyun.com/fix_stuff/bash_4.2-2ubuntu2.2_i386.deb && dpkg-i bash_4.2-2ubuntu2.2_ I386.deb
 
10.x64bit
wget http://mirrors.aliyun.com/fix_stuff/bash_4.1-2ubuntu3.1_amd64.deb && dpkg-i bash_4.1-2ubuntu3.1_ Amd64.deb
 
10.x32bit
wget http://mirrors.aliyun.com/fix_stuff/bash_4.1-2ubuntu3.1_i386.deb && dpkg-i bash_4.1-2ubuntu3.1_ I386.deb
 
 
Debian:
7.5 64bit && 32bit
apt-get-y install--only-upgrade bash
 
6.0.x 64bit
wget http://mirrors.aliyun.com/debian/pool/main/b/bash/bash_4.1-3%2bdeb6u1_amd64.deb && dpkg-i bash_ 4.1-3+deb6u1_amd64.deb
 
6.0.x 32bit
wget http://mirrors.aliyun.com/debian/pool/main/b/bash/bash_4.1-3%2bdeb6u1_i386.deb && dpkg-i bash_ 4.1-3+deb6u1_i386.deb
 
openSUSE:
13.1 64bit
wget http://mirrors.aliyun.com/fix_stuff/bash-4.2-68.4.1.x86_64.rpm && rpm-uvh bash-4.2-68.4.1.x86_64. RPM
 
 
13.1 32bit
wget http://mirrors.aliyun.com/fix_stuff/bash-4.2-68.4.1.i586.rpm && RPM-UVH bash-4.2-68.4.1.i586.rpm
 
Aliyun Linux:
5.x 64bit
wget http://mirrors.aliyun.com/centos/5/updates/x86_64/RPMS/bash-3.2-33.el5.1.x86_64.rpm && RPM-UVH bash-3.2-33.el5.1.x86_64.rpm
 
5.x 32bit
wget http://mirrors.aliyun.com/centos/5/updates/i386/RPMS/bash-3.2-33.el5.1.i386.rpm && RPM-UVH bash-3.2-33.el5.1.i386.rpm


"Patching complete test"
After you upgrade bash, perform the test:
$ env x= ' () {:;}; Echo vulnerable ' bash-c "echo this is a test"
bash:warning:x: Ignoring function definition attempt
bash:error importing function definition for ' x '
This is a test


If shown above, indicates that the vulnerability has been patched.

Linux Bash Critical Vulnerability Emergency Repair solution

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.