Serious Bug with BASH ( CVE-2014-6271 )


Note : Red Hat has reported that this patch is incomplete and is working on a new one ( CVE-2014-7169 ). Refer to the CVE-2014-7169 advisory for the details.

Affected platforms :-

Red Hat Enterprise Linux 4 (ELS)/ 5 / 6 /7
CentOS 5/6/7

How to test whether your version of Bash is vulnerable to this issue :-

[root@]# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
vulnerable
this is a test
[root@]#

Resolution :-

This issue affects all software that uses the Bash shell and parses values of environment variables. This issue is especially dangerous as there are many possible ways Bash can be called by an application. Quite often if an application executes another binary, Bash is invoked to accomplish this. Because of the pervasive use of the Bash shell, this issue is quite serious and should be treated as such.

In order to avoid exploitation of CVE-2014-6271, ensure that your system is updated to at least the fixed versions of Bash listed below.

# yum update bash

Fix for CentOS platforms

CentOS 5

bash-3.2-33.el5.1.i386.rpm / bash-3.2-33.el5.1.x86_64.rpm

CentOS 6

bash-4.1.2-15.el6_5.1.i686.rpm / bash-4.1.2-15.el6_5.1.x86_64.rpm

Note : It is always better to reboot your machine after upgrading to the latest bash package. If it is a production-critical machine and a quick reboot is not possible, then please run /sbin/ldconfig

How to make sure your machine/server is secure after the package update :-

Run the test command above again. A fixed Bash refuses to import the function definition and does not execute the trailing command :

[root@]# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test
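The manual test above, and the re-test after patching, can be wrapped in a small script so that the result is a return code instead of something to read by eye. This is an added example and not part of the original post; it assumes the bash to be checked is on PATH or is passed as the first argument, and it only ever runs the harmless echo probe shown in the post.

```shell
#!/bin/sh
# Added example (not from the original post): probe a bash binary for
# CVE-2014-6271 with the same environment-variable test used in the post,
# but return a status code so it can be driven from cron or monitoring.

# Returns 0 if the given bash executes the command that follows the
# function body (vulnerable), 1 if it does not.
is_shellshock_vulnerable() {
    bash_bin="${1:-bash}"
    # "() { :;}" is an empty function; a fixed bash must stop parsing at
    # the closing brace and never run the "echo vulnerable" that follows.
    out=$(env x='() { :;}; echo vulnerable' "$bash_bin" -c 'echo probe' 2>&1)
    case "$out" in
        *vulnerable*) return 0 ;;
        *)            return 1 ;;
    esac
}

# Classifies the probe output into the three results an admin may see:
# the post's "vulnerable" line, the post-patch warning shown above, or no
# message at all on newer bash releases that only import functions from
# specially named BASH_FUNC_* variables rather than arbitrary ones.
shellshock_status() {
    bash_bin="${1:-bash}"
    if ! command -v "$bash_bin" >/dev/null 2>&1; then
        echo "NOT FOUND"
        return 0
    fi
    out=$(env x='() { :;}; echo vulnerable' "$bash_bin" -c 'echo probe' 2>&1)
    case "$out" in
        *vulnerable*)                             echo "VULNERABLE" ;;
        *"ignoring function definition attempt"*) echo "PATCHED (warning shown)" ;;
        *)                                        echo "PATCHED (silent)" ;;
    esac
}

# Report on the default bash; the functions above can also be sourced
# from another script (e.g. to alert when the first one returns 0).
printf '%s: %s\n' "$(command -v bash || echo bash)" "$(shellshock_status)"
```

Remember that the probe only checks the binary on disk; long-running processes that were started before the update keep the old code until they are restarted.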


Reference :-

https://access.redhat.com/security/cve/CVE-2014-6271

http://lists.centos.org/pipermail/centos/2014-September/146099.html

https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/