Bash Code Injection Vulnerability (aka Shellshock)

Recently there has been the new vulnerability on bash in unix system allowing unauthenticated access to applications and services to atackers. Following are quick steps as displayed on Red hat support portal to identify whether your RHEL/CentOS is vulnerable or not.

Go to command prompt then type the following command:

env 'x=() { :;}; echo vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c "echo test"

If you see in the result some word like “vulnerable” then you need to update your bash to the latest or rater patched version.

To be on the safer side please keep your bash updated with latest fixes

yum update bash

Further Reading:



About Dominic

J for JAVA more about me :
This entry was posted in Thechy Stuff and tagged . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s