Shellshock is a bash exploit which allows a malicious user to put extra information into an environment variable and have bash execute it.

Fixes are out for RHEL/CentOS and Ubuntu, update your systems immediately…

Test using:
$ env var='() { ignore this;}; echo vulnerable’ bash -c /bin/true
CentOS/RHEL/Fedora Fix:
$ sudo yum update bash -y
Ubuntu fix:
$ sudo apt-get install –only-upgrade bash

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>