
Bash Shellshock: Worse than Heartbleed




Bash Shellshock, the newly discovered vulnerability that allows attackers to inject code into your machine, puts your Mac or Linux machine at serious risk of malicious attacks. It's kind of like Heartbleed, the OpenSSL bug that scared everyone senseless a few months ago and remains unpatched on thousands of systems. According to some experts, however, Shellshock could be way worse, and it's been around for decades.

How to check if you are vulnerable:



Run the command below in your terminal:

 env x='() { :;}; echo vulnerable' bash -c 'echo hello'

If you're not vulnerable, you'll get this result:

 bash: warning: x: ignoring function definition attempt
 bash: error importing function definition for `x'
 hello

If you are vulnerable, you'll get:

 vulnerable
 hello
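
The same probe wrapped in functions that return a verdict and an exit status, so the check can be scripted; this is an added example, not part of the original post, and the function names are hypothetical. It keys only on the `vulnerable` line, because a bash with later fixes no longer imports functions from a plain variable and prints just `hello` with no warning.

```sh
#!/bin/sh
# Added example: scriptable version of the check shown in this post.
# Function names are hypothetical. Covers only the probe from this post.

# Run the post's probe against one bash binary; capture stdout and stderr.
probe_bash() {
    env x='() { :;}; echo vulnerable' "$1" -c 'echo hello' 2>&1
}

# Classify captured probe output.
#   a line reading exactly "vulnerable" -> the injected command ran
#   "hello" without it                  -> the definition was not executed
#   neither                             -> the probe itself did not run
classify_probe_output() {
    if printf '%s\n' "$1" | grep -qx 'vulnerable'; then
        echo vulnerable
    elif printf '%s\n' "$1" | grep -qx 'hello'; then
        echo patched
    else
        echo unknown
    fi
}

# Print a verdict for a bash binary (default: first bash in PATH).
# Exit status: 0 = patched, 1 = vulnerable, 2 = could not test.
check_bash() {
    target="${1:-bash}"
    if ! command -v "$target" >/dev/null 2>&1; then
        echo unknown
        return 2
    fi
    verdict="$(classify_probe_output "$(probe_bash "$target")")"
    echo "$verdict"
    case "$verdict" in
        patched)    return 0 ;;
        vulnerable) return 1 ;;
        *)          return 2 ;;
    esac
}

# When run as a script with an argument, test that binary: ./check.sh /bin/bash
if [ "$#" -gt 0 ]; then
    check_bash "$1"
fi
```

The exit status lets the same check gate a patch job, so a host is only reported as fixed when `check_bash` returns 0 after the upgrade.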

What to do if you are vulnerable: GET A PATCH IMMEDIATELY.

Run this command:

 sudo apt-get update && sudo apt-get install --only-upgrade bash

Then recheck for the vulnerability. You should be good to go now.

How to patch all systems in one go:

Run the script below:

#!/bin/bash
# This script logs into each of your servers and runs the command below

servers=(
# Put your list of servers here
111.222.333.444
123.123.123.123
10.10.10.10
15.22.22.22
)
for server in "${servers[@]}"
do
# Command to run on each server (yum is for RHEL/CentOS;
# on Debian/Ubuntu use the apt-get command shown earlier)
ssh "$server" 'yum -y update bash'
done

Read more about this here:

http://lifehacker.com/how-to-check-if-your-mac-or-linux-machine-is-vulnerable-1639211806
http://gizmodo.com/why-the-shellshock-bash-bug-could-be-even-worse-than-he-1639047786/+whitsongordon
