How to test and patch your server for the Shellshock exploit

To test your system to see if it is vulnerable to the ShellShock exploit, run the following command from the command line:

env check='Not vulnerable' x='() { :;}; check=Vulnerable' bash -c 'echo $check'

If the reply from the command says “Vulnerable”, you should patch it immediately! The fix is actually quite simple and only takes a minute or so.

 

CentOS, Fedora, Redhat

Log into your server as root

yum update -y

 

Debian, Ubuntu, Mint

sudo apt-get update && sudo apt-get install --only-upgrade bash

That’s it! You can re-run the test command to verify your server has been successfully patched.

 
 
 

Comments

So empty here ... leave a comment!

Leave a Reply

Sidebar