A newly discovered security bug in a widely used piece of Linux software, known as “Bash,” could pose a bigger threat to computer users than the “Heartbleed” bug that surfaced in April, cyber experts warned on Wednesday.
The bug was rated a “10” for severity, meaning it has maximum impact, and rated “low” for complexity of exploitation, meaning it is relatively easy for hackers to launch attacks.
“Using this vulnerability, attackers can potentially take over the operating system, access confidential information, make changes, etc. “Anybody with systems using Bash needs to deploy the patch immediately.”
“Heartbleed,” discovered in April, is a bug in an open-source encryption software called OpenSSL.
The Shellshock vulnerability can be exploited on systems that are running Services or applications that allow unauthorized remote users to assign Bash environment variables. Examples of exploitable systems include the following:
Apache HTTP Servers that use CGI scripts (via mod_cgi and mod_cgid) that are written in Bash or launch to Bash subshells
Certain DHCP clients
OpenSSH servers that use the ForceCommand capability
Various network-exposed services that use Bash
Check System Vulnerability
On each of your systems that run Bash, you may check for Shellshock vulnerability by running the following command at the bash prompt:
env VAR='() { :;}; echo Bash is vulnerable!’ bash -c “echo Bash Test”
The highlighted echo Bash is vulnerable! portion of the command represents where a remote attacker could inject malicious code; arbitrary code following a function definition within an environment variable assignment. Therefore, if you see the following output, your version of Bash is vulnerable and should be updated:
Bash is vulnerable!
Bash Test
Otherwise, if your output does not include the simulated attacker’s payload, i.e. “Bash is vulnerable” is not printed as output, your version of bash is not vulnerable. It may look something like this:
bash: warning: VAR: ignoring function definition attempt
bash: error importing function definition for `VAR’
Bash Test
Fix Vulnerability: Update Bash
Use your default package manager to update the version of Bash. The following subsections cover updating Bash on various Linux distributions, including Ubuntu, Debian, CentOS, Red Hat, and Fedora.
YUM: CentOS / Red Hat / Fedora
Update Bash to the latest version available via the yum:
sudo yum update bash
Now run check your system vulnerability again by running the command in the previous section