Linux security: detecting and fixing the Shellshock vulnerability in Bash

Source: Internet
Author: User

Q: I want to know whether my Linux server has the bash Shellshock vulnerability and how to protect my Linux server from the Shellshock vulnerability.

On September 24, 2014, a security researcher named Stéphane Chazelas discovered a bash vulnerability named "Shellshock", also known as "Bash Gate" or the "bash vulnerability". If exploited, this vulnerability allows a remote attacker to execute arbitrary program code by exporting function definitions in specially crafted environment variables before the shell is called. The code in these functions is then executed as soon as bash is called.

Note that the Shellshock vulnerability affects bash versions 1.14 to 4.3 (the current version). At the time of writing there is no authoritative and complete solution to this vulnerability, but the major Linux distributions (Debian, Red Hat, CentOS, Ubuntu and Novell/Suse) have released patches (CVE-2014-6271 and CVE-2014-7169) that partially address it. It is recommended to update bash as soon as possible and to check for further updates over the next few days (a complete solution may already be available by the time you read this article).

Detect Shellshock

To check whether your Linux system is vulnerable to Shellshock, enter the following command in the terminal.

 $ env x='() { :;}; echo "Your bash version is vulnerable"' bash -c "echo This is a test" 

If your Linux system is vulnerable to Shellshock, the command output will look like this:

 Your bash version is vulnerable
 This is a test

In the preceding command, an environment variable named x is exported to the user environment. It does not hold a value in the usual sense. Instead it holds a dummy function definition, `() { :;}`, followed by an arbitrary command (the `echo "Your bash version is vulnerable"` part), which a vulnerable bash executes when it is called, before it runs the command it was asked to run.
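An added example (not part of the original article): the probe above wrapped in a script that tests every bash binary listed in /etc/shells or found in PATH and reports a result per binary. The marker string and the function names are assumptions of this example, and it exercises only the CVE-2014-6271 probe shown above.

```shell
#!/bin/sh
# Added example: runs the article's probe against each bash binary on a host.
# MARKER and all function names are assumptions made for this example.
MARKER='SHELLSHOCK_PROBE_HIT'

# classify_probe_output OUTPUT -> 0 if the injected echo ran (vulnerable), 1 if not.
classify_probe_output() {
    case "$1" in
        *"$MARKER"*) return 0 ;;
        *)           return 1 ;;
    esac
}

# check_shellshock BASH_PATH -> 0 vulnerable, 1 not vulnerable, 2 cannot test.
check_shellshock() {
    bin=$1
    [ -x "$bin" ] || return 2
    # Same probe as the article. env -i keeps unrelated variables out, and
    # stderr is dropped because some patched builds print an import warning.
    out=$(env -i x="() { :;}; echo $MARKER" "$bin" -c 'echo probe-done' 2>/dev/null)
    # Without "probe-done" the binary did not run the requested command at all.
    case "$out" in *probe-done*) ;; *) return 2 ;; esac
    classify_probe_output "$out"
}

# scan_bash_binaries: test each bash in /etc/shells plus the one found in PATH.
scan_bash_binaries() {
    candidates=$( { grep -E '/bash$' /etc/shells 2>/dev/null; command -v bash; } | sort -u)
    for b in $candidates; do
        check_shellshock "$b"
        case $? in
            0) echo "$b: VULNERABLE (update bash)" ;;
            1) echo "$b: not vulnerable to this probe" ;;
            *) echo "$b: could not be tested" ;;
        esac
    done
}

scan_bash_binaries
```

A host can carry more than one bash (for example a locally built copy next to the packaged one), so every binary reported as vulnerable needs the update, not only the login shell.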

Fix the Shellshock vulnerability

You can install the newly released bash patch as follows.

On Debian and its derivatives:

 # aptitude update && aptitude safe-upgrade bash

On Red Hat-based distributions:

 # yum update bash

[Screenshots: Debian and CentOS, before and after patching]

Note: the bash version in each distribution is the same before and after the patch is installed, but you can see that the patch has been installed from the output of the update command (you may need to confirm before installation).

If you cannot install the patch for some reason, or a patch for your distribution has not been released yet, we recommend that you use another shell until a patch is available.
