Software Development Solutions

  • Português
  • English
  • Facebook
  • Twitter
  • LinkedIn
  • RSS

contato@softerize.com

  • Home
  • Services
    • Solution Design
    • Software Development
    • Systems Support
  • Solutions
  • Work
  • About
    • History
    • Partners
    • Blog
  • Contact

Information About the Shellshock bug

Posted:
09/30/2014

Tags:
bug, server, shellshock

Comments: 0

Information About the Shellshock bug

Learn about the vulnerability known as Shellshock, if you need to worry and what to do in case you need. This bug, found on September 24 is a seriou vulnerability, but relatively restricted. Here at Softerize all our servers have been updated.

What is it?

The Shellshock is a Bash vulnerabilty – the command line app – in operation systems based on Unix. That’s Linux distros and the OS X. The problem is not so important on Apple computers, because they’re usually not used as servers. Besides, Apple already released an update for the issue.

In case you have Linux servers, like us, you should worry. To test if your computer is at risk, open up the command line. You can connect via SSH directly or through an app line Tunnelier. Run the following command:

Shell
1
env X='() { :; }; echo "CVE-2014-6271 vulnerable"' bash -c id

If you see “CVE-2014-6271 vulnerable”, that you need to update your Bash. If you don’t do that, it will be possible to run external code in your Bash, even remotely.

In case your Bash is not vulnerable, be aware that new vulnerabilities were found. So visit https://github.com/mubix/shellshocker-pocs and test the different commands. You can also run the script available in https://github.com/hannob/bashcheck to test.

Fixing

to fix the problem you need to update Bash. Depending on your Linux distro, you’ll need an specific command.

Ubuntu/Debian

Use apt-get:

Shell
1
sudo apt-get update && sudo apt-get install --only-upgrade bash

CentOS / Red Hat / Fedora

Use yum:

Shell
1
sudo yum update bash

Conclusion

Update your servers as soon as possible to avoid future problems. And try to keep them up to date.


  • bug
  • server
  • shellshock

Share This Post

  • Facebook
  • Twitter
  • LinkedIn
  • Google Plus

Related Posts

Laravel ElePHPant

Laravel ElePHPant

07/10/2015
Laravel and CodeIgniter Frameworks

Laravel and CodeIgniter Frameworks

05/21/2014
Are You Ready for Windows 10?

Are You Ready for Windows 10?

06/21/2015

Leave A Comment

Click here to cancel reply.

Name*

Mail*

Website

Categories

  • Blog
  • News

Tags

android app application Bootstrap bug CodeIgniter elephpant framework game google play inpi iphone jquery laravel login mobile mvc mysql mysql php office operational system php random maze server shellshock showthatyouhelp site softerize sphere arena support trademark twitter unity3d update virtualbox windows windows 10 wordpress

Softerize

Rua Felipe Neri 428/202 - Porto Alegre - RS - Brazil

+55 (51) 3574.3803

E-mail: contact@softerize.com

Newsletter

Follow

  • Facebook
  • Twitter
  • Linkedin
  • RSS

Language

  • Português
  • English
  • Home
  • Services
  • Solutions
  • Work
  • About
  • Contact

© 2017 Softerize Sistemas Ltda.