CentOs Fix for Bash Bug ( CVE-2014-6271 & CVE-2014-7169 )

September 26, 2014 Author: Admin
2 Comments
Email, RSS Follow

After couple of days trouble today we got a fix from Centos for the so famous bash security issue ( For known loop holes
CVE-2014-6271 & CVE-2014-7169 )

CentOS 5 Fix  :-

* i386:
( sha256sum ) 9755e86ad8536c908f95340be308190b52989bfa0d9268a461c40a3f0d493bc7  :  bash-3.2-33.el5_10.4.i386.rpm

* x86_64:
( sha256sum) b1e14edd0d675c6fb0be64cb875fbd9fac208a58e427ea32f373c9359b35642c   :  bash-3.2-33.el5_10.4.x86_64.rpm

CentOS 6 Fix: –

* x86_64:

http://mirror.centos.org/centos/6/updates/x86_64/Packages/bash-4.1.2-15.el6_5.2.x86_64.rpm

* i386:

http://mirror.centos.org/centos/5/updates/i386/RPMS/bash-3.2-33.el5_10.4.i386.rpm

Test Output : –

[root@ ~]# rpm -qa | grep bash
bash-3.2-32.el5

[root@ ~]# env X='() { (a)= >\’ bash -c “echo date”;
bash: X: line 0: syntax error near unexpected token `=’
bash: X: line 0: `X () { (a)= >\’
bash: error importing function definition for `X’
date
[root@ ~]#

* After updating to latest bash rpm.

[root@ ~]# rpm -qa | grep bash
bash-3.2-33.el5_10.4
[root@ ~]#

[root@ ~]# env X='() { (a)= >\’ bash -c “echo date”;
date
[root@ ~]#

 

Reference :-

http://lists.centos.org/pipermail/centos-announce/2014-September

Related posts:

  1. Again Bash !!! ( CVE-2014-7169 )
  2. Serious Bug with BASH ( CVE-2014-6271 )
  3. How to install yum on CentOS5
  4. Bash script to monitor bandwidth usage of a linux server
  5. Admin Tips 2 : Monitor linux services using bash script
Posted in :  Apache , Cpanel , Security
Tags :  , , , , , ,

URL for this post : https://adminlogs.info/2014/09/26/centos-fix-for-bash-bug-cve-2014-6271-cve-2014-7169/