This is how you test your bash shell whether its vulnerable or not for 'shellsock' bug.
Run this on your linux shell (you don't need super user account for this):
$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
if the result like this:
vulnerable
this is a test
then, you need to upgrade your bash version.
Just run (as superuser or sudo)
# apt-get update
# apt-get upgrade
It will show bash upgrade like this:
Get:1 http://security.debian.org/ wheezy/updates/main bash amd64 4.2+dfsg-0.1+deb7u3 [1,501 kB]
After I upgrade my bash, the result becames like this:
this is a test
I use bash version : GNU bash, version 4.2.37(1)-release (x86_64-pc-linux-gnu)
Reference: http://www.debiantutorials.com/how-to-detect-if-your-server-is-vulnerable-to-the-shellshock-bug-and-fix-it/
No comments:
Post a Comment