{"id":577,"date":"2014-09-30T05:26:13","date_gmt":"2014-09-30T05:26:13","guid":{"rendered":"http:\/\/www.gigapros.com\/blog\/?p=577"},"modified":"2022-10-29T03:00:08","modified_gmt":"2022-10-29T03:00:08","slug":"info-on-shell-shock-bash-vulnerability","status":"publish","type":"post","link":"https:\/\/www.gigapros.com\/blog\/info-on-shell-shock-bash-vulnerability\/","title":{"rendered":"&#8220;Shell Shock Bash&#8221; vulnerability on your server"},"content":{"rendered":"<div class=\"storycontent\">\n<p>On September 24th, a vulnerability was reported in the GNU <strong>B<\/strong>ourne-<strong>A<\/strong>gain-<strong>Sh<\/strong>ell (BASh, or Bash), specifically a flaw with how Bash processes values of environment variables, that allows remote code execution of varying types in many common configurations. The overall risk is severe due to bash being configured for use, by default, on most Linux servers.<\/p>\n<p>GigaPros immediately fixed this for all the shared servers (servers which are hosting Personal plans, Business plans and Reseller plans). The main hardware nodes of VPS and Cloud servers are also fixed.<\/p>\n<p>But for VPS containers, Cloud containers\u00a0as well as Dedicated servers, users are advised to check because some servers may remain vulnerable depending on their update settings or other unforeseen intervening factors. Thus, we&#8217;ve provided the instructions below. 
To summarize:<\/p>\n<ul class=\"bullet_class\">\n<li>This flaw affects Bash, a Unix command-line shell run by default on most Linux servers.<\/li>\n<li>It allows remote code execution and many types of command-line-based attacks.<\/li>\n<li>A patch is available, and your server can be easily updated.<\/li>\n<li>We have tutorials on <span style=\"color: #ff0000;\"><a href=\"#how-to-update-bash-on-red-hat-and-centos\/\"><span style=\"color: #ff0000;\">How to Update Bash on CentOS<\/span><\/a><\/span> and <span style=\"color: #ff0000;\"><a href=\"#how-to-update-bash-on-debian-and-ubuntu\/\"><span style=\"color: #ff0000;\">How to Update Bash on Ubuntu<\/span><\/a><\/span>.<\/li>\n<li>Test whether your server is vulnerable with the information below.<\/li>\n<\/ul>\n<p>The National Cyber Awareness System describes the issue as follows:<\/p>\n<blockquote style=\"padding: 4px; font-size: 12px;\"><p>GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. 
NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.<\/p><\/blockquote>\n<div class=\"step_number\"><b>Check Whether Your Server is Vulnerable<\/b><\/div>\n<p>It is very easy to check whether or not your server is vulnerable by running the following (safe to run) code:<\/p>\n<p><code>cd \/tmp; rm -f \/tmp\/echo; env 'x=() { (a)=&gt;\\' bash -c \"echo date\"; cat \/tmp\/echo<\/code><\/p>\n<p>If your server <strong>isn\u2019t vulnerable<\/strong>, then the following will be displayed:<\/p>\n<p><code>bash: x: line 1: syntax error near unexpected token `='<br \/>\nbash: x: line 1: `'<br \/>\nbash: error importing function definition for `x'<br \/>\ndate<br \/>\ncat: \/tmp\/echo: No such file or directory<\/code><\/p>\n<p>Or in some cases simply:<\/p>\n<p><code>date<br \/>\ncat: \/tmp\/echo: No such file or directory<\/code><\/p>\n<p>If your server <strong>is vulnerable<\/strong>, then the following will be displayed (with the date):<\/p>\n<p><code>bash: x: line 1: syntax error near unexpected token `='<br \/>\nbash: x: line 1: `'<br \/>\nbash: error importing function definition for `x'<br \/>\nFri Sep 26 11:55:07 EDT 2014<\/code><\/p>\n<p>And the file <strong>\/tmp\/echo<\/strong> will be created.<\/p>\n<p> <strong>Now it\u2019s time for the\u00a0tutorials. Once you have followed them, confirm your server is no longer vulnerable by running the above code once more!<\/strong><\/p>\n<\/div>\n<div id=\"how-to-update-bash-on-red-hat-and-centos\/\" class=\"step_number\"><\/div>\n<p>+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++<\/p>\n<div class=\"storycontent\">\n<h2>Tutorial: How to Update Bash on CentOS &#8211;<\/h2>\n<div class=\"step_number\"><\/div>\n<div class=\"step_number\">Pre-Flight Check<\/div>\n<ul class=\"bullet_class\">\n<li class=\"bullet_class\">These instructions are intended specifically for updating Bash on CentOS.<\/li>\n<li class=\"bullet_class\">Log in as root and run the following 
commands &#8211;<\/li>\n<\/ul>\n<div class=\"step_number\">Clean-Up Yum<\/div>\n<p><code>yum clean all<\/code><\/p>\n<div class=\"step_number\">Update Bash<\/div>\n<p>Updating Bash is as simple as running just one command: <code>yum -y update bash<\/code><\/p>\n<div class=\"step_number\">or\u2026 Update All Installed Packages<\/div>\n<p>Optionally, it is possible to update all of the installed packages at once with the following command: <code>yum -y update<\/code><\/p>\n<\/div>\n<div id=\"how-to-update-bash-on-debian-and-ubuntu\/\" class=\"step_number\"><\/div>\n<p>+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++<\/p>\n<div>\n<h2>Tutorial: How to Update Bash on\u00a0Ubuntu &#8211;<\/h2>\n<div class=\"step_number\">Pre-Flight Check<\/div>\n<ul class=\"bullet_class\">\n<li class=\"bullet_class\">These instructions are intended specifically for updating Bash on Ubuntu.<\/li>\n<li class=\"bullet_class\">Log in as root and run the following commands &#8211;<\/li>\n<\/ul>\n<div class=\"step_number\">Clean-Up Apt-get<\/div>\n<p><code>apt-get autoclean<\/code><\/p>\n<div class=\"step_number\">Update Bash<\/div>\n<p>Updating Bash is as simple as running just one command: <code>apt-get install --only-upgrade bash<\/code><\/p>\n<div class=\"step_number\">or\u2026 Upgrade All Installed Packages<\/div>\n<p>Optionally, it is possible to upgrade all of the installed packages at once with the following command: <code>apt-get upgrade<\/code><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>On September 24th, a vulnerability was reported in the GNU Bourne-Again-Shell (BASh, or Bash), specifically a flaw with how Bash processes values of environment variables, that allows remote code execution of varying types in many common configurations. 
The overall risk is severe due to bash being configured for use, by default, on most Linux servers.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[5],"tags":[]}