Serious Bug with BASH ( CVE-2014-6271 )


Note : Redhat updated this patch is incomplete and they are working with a new one at the moment ( CVE-2014-7169 ) , Refer for the details for CVE-2014-7169

Affected platforms :-

Red Hat Enterprise Linux 4 (ELS)/ 5 / 6 /7
CentOs 5/6/7

How to test  if your version of Bash is vulnerable to this issue or not ?

[root@]# env x='() { :;}; echo vulnerable’  bash -c “echo this is a test”
this is a test

Resolution :-

This issue affects all software that uses the Bash shell and parses values of environment variables. This issue is especially dangerous as there are many possible ways Bash can be called by an application. Quite often if an application executes another binary, Bash is invoked to accomplish this. Because of the pervasive use of the Bash shell, this issue is quite serious and should be treated as such.

In order to avoid exploitation from CVE-2014-6271, ensure that your system is updated to at least  versions of Bash.

# yum update bash

Fix for CentOs platforms

Centos 5

bash-3.2-33.el5.1.i386.rpm / bash-3.2-33.el5.1.x86_64.rpm

Centos 6
bash-4.1.2-15.el6_5.1.i686.rpm / bash-4.1.2-15.el6_5.1.x86_64.rpm

Note : Its always better to reboot your machine after upgrading to the latest bash package . If its a production critical machine and not able to do a quick reboot then please run ” /sbin/ldconfig “

How to make sure your machine/server is secure after the package update ?

Run the above command again

[root@]# env x='() { :;}; echo vulnerable’  bash -c “echo this is a test”

bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x’
this is a test


Reference :-