Issue:

ShellShock is a security vulnerability that has been found in Bash, the common Linux shell. While this vulnerability does not affect and is not affected by Ephesoft directly, we highly recommend patching it ASAP to keep your system protected. RHEL’s first patch for this was improper, and you may still be vulnerable.

How to test your system for the ShellShock vulnerability in RHEL/CentOS 6.5:
In a terminal window, type the following, or copy and paste it from here:

env 'x=() { :;}; echo vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c "echo test"

Depending on whether or not you are vulnerable, you will see one of the following outputs:

Vulnerable:

vulnerable
bash: BASH_FUNC_x(): line 0: syntax error near unexpected token `)'
bash: BASH_FUNC_x(): line 0: `BASH_FUNC_x() () { :;}; echo vulnerable'
bash: error importing function definition for `BASH_FUNC_x'
test

Improper fix from RHEL:

$ env 'x=() { :;}; echo vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c "echo test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
bash: error importing function definition for `BASH_FUNC_x()'
test

Not Vulnerable:

$ env 'x=() { :;}; echo vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c "echo test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `BASH_FUNC_x'
test

Solution:

In a terminal, type the following:

sudo yum -y update bash

This will update your Bash shell to the latest (safe) version. Please run the test again after this finishes to make sure that the update was applied properly.
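The following script is an added example, not part of the original article: it re-runs the test command above and reports which of the three cases listed earlier the installed bash falls into. The function names and the verdict strings (vulnerable, incomplete-fix, not-vulnerable, inconclusive) are chosen for this example.

```shell
#!/bin/sh
# Added example, not from the original article.

# Read the test command's combined stdout/stderr on stdin and print one of:
#   vulnerable | inconclusive | incomplete-fix | not-vulnerable
classify_shellshock_output() {
    captured=$(cat)
    # A line that is exactly "vulnerable" means the injected echo executed.
    if printf '%s\n' "$captured" | grep -qx 'vulnerable'; then
        echo vulnerable
    # No "test" line: bash did not run the command, so nothing was proven.
    elif ! printf '%s\n' "$captured" | grep -qx 'test'; then
        echo inconclusive
    # The improper fix reports the variable name with its parentheses.
    elif printf '%s\n' "$captured" |
            grep -qF 'error importing function definition for `BASH_FUNC_x()'; then
        echo incomplete-fix
    else
        echo not-vulnerable
    fi
}

# Run the article's test against the bash found on PATH and classify it.
check_local_bash() {
    env 'x=() { :;}; echo vulnerable' \
        'BASH_FUNC_x()=() { :;}; echo vulnerable' \
        bash -c 'echo test' 2>&1 | classify_shellshock_output
}

echo "local bash: $(check_local_bash)"
```

Anything other than not-vulnerable means the update should be applied (or re-applied) and the check repeated.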


Ubuntu:

Since some of our customers have chosen to install and test on Ubuntu, we would like to provide the Ubuntu steps given by Canonical.

sudo apt-get update && sudo apt-get install --only-upgrade bash

Then run this test:

env x='() { :;}; echo vulnerable' bash -c "echo Test complete"

If you see “vulnerable” afterwards, you haven’t patched it.

If you see only “Test complete”, you’re patched.





J.D. Abbey
