468x60

lunedì 29 settembre 2014

How to Protect your Server Against the Shellshock Bash Vulnerability

On September 24, 2014, a GNU Bash vulnerability, referred to as Shellshock or the "Bash Bug", was disclosed. In short, the vulnerability allows remote attackers to execute arbitrary code given certain conditions, by passing strings of code following environment variable assignments.

Check System Vulnerability
On each of your systems that run Bash, you may check for Shellshock vulnerability by running the following command at the bash prompt:
env VAR='() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"
Therefore, if you see the following output, your version of Bash is vulnerable and should be updated:
Bash is vulnerable!Bash Test
Fix Vulnerability: Update Bash
The easiest way to fix the vulnerability is to use your default package manager to update the version of Bash.

Update Bash to the latest version available via apt-get on Debian/Ubuntu:
sudo apt-get update && sudo apt-get install --only-upgrade bash


Condividi questo articolo

Condividi su Facebook Aggiungi a Google Bookmarks Aggiungi a Yahoo My Web vota su OKNotizie salva su Segnalo vota su Diggita Condividi su Meemi segnala su Technotizie vota su Wikio vota su Fai Informazione Add To Del.icio.us Digg This Fav This With Technorati
Pubblicato da Carmelo Saffioti alle 11:36
Etichette: , ,

Nessun commento:

Posta un commento

Iscriviti a: Commenti sul post (Atom)
468x60

Cerca su Google

Cerca nel Blog con Google