• +(62) 361 - 4719506
05 October 2014

Protect Your Server Against ShellShock

On September 24th, 2014, a GNU Bash vulnerability referred to as Shellshock was disclosed. This vulnerability affects your Linux servers here at BaliDotCom.

What can it be used for?

Unauthorized remote users may use CGI scripts, certain DHCP clients, OpenSSH and other various network-exposed services that use bash in order to run commands on the server.

How to tell if your server is vulnerable.

Windows servers are not affected by this. From within your Linux server, run the following command:

env 'VAR=() { :;}; echo Bash is vulnerable!' 'FUNCTION()=() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"

If the command returns "Bash is vulnerable!" then your server is currently vulnerable.

 

How to protect your server.

Updates have been released for Bash that patch this vulnerability. Update your server by using the following commands.

CentOS / Red Hat / Fedora:

sudo yum update bash

Ubuntu / Debian:

sudo apt-get update && sudo apt-get install --only-upgrade bash

Search

Categories


Domain Search