Securing Your Debian Based Server From The BASH SHELLSHOCK Vulnerability

There has been quite a buzz in SysAdmin circles these past few days over the Bash Shellshock vulnerability, CVE-2014-6271, which could allow remote code execution on your system (VERY BAD!).

Far be it from me to claim to be a security expert (that's why I get RSS alerts from security blogs and mailing lists), but I do recommend that anyone running their own Linux servers get on the fix fast.

While there's no complete fix, it is still a wise move to minimize your vulnerability as much as possible.

For Debian-based systems, the first thing to do is check whether your system is vulnerable.

Once you're logged in, type this into your terminal:

env VAR='() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"

If the output includes the line "Bash is vulnerable!", your system is vulnerable. A patched bash ignores the injected command and prints only "Bash Test".

To apply the temporary fix, just update bash with this command:

sudo apt-get update && sudo apt-get install --only-upgrade bash


Once the update is finished, re-run the bash vulnerability test to confirm that the "Bash is vulnerable!" line no longer appears.

Once this is done, you should religiously check if a new update is available and apply it immediately.

http://www.ubuntu.com/usn/

https://security-tracker.debian.org/tracker/CVE-2014-6271
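The check-upgrade-recheck procedure above, wrapped in a small POSIX shell script. This is an added example, not code from the original post; it assumes a Debian/Ubuntu host with apt-get and sudo, and the marker string is a constructed value.

```shell
#!/bin/sh
# Added example: reports whether the installed bash imports a function
# definition from the environment (CVE-2014-6271) and, with --fix,
# applies the post's upgrade command and re-checks.

MARKER='SHELLSHOCK_MARKER_7f3a'   # constructed marker, unlikely to appear otherwise

# Prints one of: vulnerable | patched | no-bash
shellshock_status() {
    if ! command -v bash >/dev/null 2>&1; then
        echo no-bash
        return 0
    fi
    # A vulnerable bash runs the trailing command while importing VAR,
    # so the marker shows up in the output; a patched bash prints only "done".
    out=$(env VAR="() { :;}; echo $MARKER" bash -c 'echo done' 2>/dev/null)
    case "$out" in
        *"$MARKER"*) echo vulnerable ;;
        *)           echo patched ;;
    esac
}

# Prints the installed bash package version (dpkg) or the binary's banner line.
bash_version() {
    if command -v dpkg-query >/dev/null 2>&1; then
        dpkg-query -W -f='${Version}' bash 2>/dev/null && return 0
    fi
    bash --version 2>/dev/null | head -n 1
}

# The post's fix: upgrade only the bash package, then re-run the check.
remediate() {
    sudo apt-get update && sudo apt-get install --only-upgrade bash
    echo "after upgrade: $(shellshock_status) ($(bash_version))"
}

# Usage: sh shellshock-check.sh        -> report only
#        sh shellshock-check.sh --fix  -> upgrade bash if vulnerable, then recheck
status=$(shellshock_status)
echo "bash: $(bash_version) -> $status"
if [ "$status" = vulnerable ] && [ "${1:-}" = --fix ]; then
    remediate
fi
```

The check only covers the original CVE-2014-6271 import path; keep applying bash updates as the distribution publishes them, as the post says.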

References:

http://seclists.org/oss-sec/2014/q3/650

https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271

In conclusion

I'm so glad I decided to go with VPSs. If I were still using shared hosting, I'd have spent the past two days waiting for feedback from support on whether the server had been updated or not.
