What is the Shellshock bug?
Shellshock is a “deadly serious” bug, discovered this week, that potentially affects millions of desktop and laptop computers, servers and mobile devices across the world.
The flaw lives in a software component known as Bash, which ships with Linux and is also part of Apple’s Mac OS.
The bug is dangerous because it lets an attacker run commands of their choosing on any machine where Bash is fed untrusted input, without needing an account there first. That is why security researchers rank Shellshock above the Heartbleed bug found in April 2014.
Prof Alan Woodward, a security researcher from the University of Surrey, said:
“Whereas something like Heartbleed was all about sniffing what was going on, this was about giving you direct access to the system. The door’s wide open.”
Researchers estimate that about 500 million machines are affected by the Shellshock bug, whereas Heartbleed hit around half a million devices. Security experts have also warned that the first Shellshock patch is ‘incomplete’, so Unix and Linux based systems may still need a follow-up update; and because the bug is so simple, taking control of a vulnerable machine is easy.
Stéphane Chazelas, a 39-year-old French software and telecom expert, discovered the vulnerability. It lies in how Bash processes environment variables: Bash lets a parent shell pass a function definition to a child shell through an environment variable whose value begins with "() {", and vulnerable versions did not stop parsing at the end of the function body, so any trailing code after the closing brace was executed as soon as the new Bash process started. Because many network-facing programs (CGI web applications, DHCP clients, SSH forced-command wrappers) copy attacker-supplied data into environment variables and then invoke a shell, the bug is exploitable over the network; it is especially dangerous where Bash is configured as the system shell (/bin/sh), since every program that calls system() or popen() then reaches it. An attacker could use the issue to bypass environment restrictions, such as SSH forced command environments.
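As an added example, not part of the original article or of any vendor tooling, the following POSIX shell script probes the local bash binary for CVE-2014-6271 in the same way the widely circulated one-liner does: it places a function-definition-shaped value with trailing code into the environment and checks whether that trailing code runs. The variable names x and HTTP_USER_AGENT (the latter chosen because a CGI server sets exactly that name from a request header) and the function names are my own.

```shell
#!/bin/sh
# Added example: probe a bash binary for CVE-2014-6271 (Shellshock).
#
# Mechanism: a vulnerable bash scans every environment variable at startup,
# and a value beginning with "() {" is imported as a shell function. The
# parser did not stop at the closing brace, so whatever followed it was
# executed before the command bash was actually asked to run.

# Run the probe through a variable of the given name (default: x). Bash does
# not care who set the variable, so a CGI-style name such as HTTP_USER_AGENT
# behaves exactly like any other; that is what makes the bug remotely
# reachable through web servers.
shellshock_probe() {
    name=${1:-x}
    command -v bash >/dev/null 2>&1 || { echo "no-bash"; return; }
    # On a vulnerable bash the trailing "echo VULNERABLE" runs before
    # "echo test"; on a fixed bash the variable is imported as plain text.
    out=$(env "$name=() { :;}; echo VULNERABLE" bash -c 'echo test' 2>/dev/null)
    case $out in
        *VULNERABLE*) echo "vulnerable" ;;
        *)            echo "patched" ;;
    esac
}

# Report one verdict for both a plain and a CGI-style variable name.
# They must agree; a disagreement would mean the probe itself is broken.
shellshock_status() {
    a=$(shellshock_probe x)
    b=$(shellshock_probe HTTP_USER_AGENT)
    if [ "$a" = "$b" ]; then
        echo "$a"
    else
        echo "inconsistent"
    fi
}

shellshock_status
```

Run it before and again after updating the bash package; the verdict should change from "vulnerable" to "patched". The probe only covers the original issue, not the trailing-parser problem that the first round of patches left open, so a "patched" result here is necessary but not sufficient once follow-up advisories are out.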
What is BASH?
BASH stands for Bourne-Again SHell, a command-line shell found on many Unix, Linux and Mac computers. Unix is the operating system family on which many others, such as Linux and Mac OS, are modelled.
How to patch the Shellshock bug?
System administrators of Unix, Linux and Mac machines should apply the Shellshock patch urgently, before their systems are compromised.
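As an added example, not part of the original article, the following POSIX shell snippet shows how to tell whether exploitation attempts are already sitting in a web server's access log. An attacker reaching a CGI script has to place the "() {" function-definition prefix in a request header such as User-Agent or Referer, which the server copies into the CGI environment, and that prefix is easy to search for. The log lines below are constructed for the example (addresses are from documentation ranges), and the function names are my own.

```shell
#!/bin/sh
# Added example: find Shellshock exploitation attempts in an access log.

# Constructed sample log in the common combined format (not real traffic).
# Lines 1 and 3 carry the function-definition prefix, in the User-Agent
# and Referer fields respectively; lines 2 and 4 are ordinary requests.
SAMPLE_LOG='203.0.113.5 - - [25/Sep/2014:10:01:02 +0000] "GET /cgi-bin/status HTTP/1.1" 200 512 "-" "() { :;}; /bin/bash -c \"id\""
198.51.100.7 - - [25/Sep/2014:10:01:05 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
203.0.113.5 - - [25/Sep/2014:10:02:11 +0000] "GET /cgi-bin/status HTTP/1.1" 200 512 "() { :; }; echo; /bin/cat /etc/passwd" "curl/7.35.0"
192.0.2.9 - - [25/Sep/2014:10:03:40 +0000] "GET /cgi-bin/status HTTP/1.1" 200 512 "-" "Mozilla/5.0 (compatible; MSIE 6.0)"'

# Filter stdin down to lines carrying a function-definition prefix anywhere
# in the request. The pattern tolerates the spacing variants seen in the
# wild: "() {", "()  {" and "(){".
shellshock_hits() {
    grep -E '\(\) *[{]'
}

# Number of suspicious lines in the sample.
shellshock_hit_count() {
    printf '%s\n' "$SAMPLE_LOG" | shellshock_hits | grep -c .
}

# Deduplicated client addresses that sent such requests, one per line,
# ready to feed into a firewall rule or an incident ticket.
shellshock_sources() {
    printf '%s\n' "$SAMPLE_LOG" | shellshock_hits | awk '{ print $1 }' | sort -u
}

shellshock_hit_count
shellshock_sources
```

On a real system run the filter over the live log, for example shellshock_hits < /var/log/httpd/access_log. A hit only proves an attempt; whether it succeeded depends on whether a CGI script on that path actually launched a vulnerable bash, so treat any hit against a cgi-bin URL on an unpatched host as a possible compromise.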
CentOS Patch for Shellshock bug
Each entry gives the SHA-256 checksum followed by the file name.
CentOS 5 (bash-3.2-33.el5.1):
- i386: 39f53e854969bb0bcbb280bf6581ec5857c086cdd727adc5eec9b7a9b7dcd0a6 bash-3.2-33.el5.1.i386.rpm
- x86_64: 336202c14095622471275b4c4d55d49f16ee065d4f77dcef4ae5479cc67e11ad bash-3.2-33.el5.1.x86_64.rpm
- Source: c8ccac8652d7b44531ab0a76c6eb9b0209dcd1dddf149fb182d0471206704217 bash-3.2-33.el5.1.src.rpm
CentOS 6 (bash-4.1.2-15.el6_5.1):
- i386: f17f9e203cc55846a050ce57efd67159e208ef8bd469633a471233e8b9c54a74 bash-4.1.2-15.el6_5.1.i686.rpm
- i386: 11628832fb279e1bdca2cb8f403f7080fbab9fde554ed6ce3081344f92a93d7a bash-doc-4.1.2-15.el6_5.1.i686.rpm
- x86_64: eb8e41a4752e64c5c64371e5ae2ddbd5857b1e879832557a89fad195f4ab8f5b bash-4.1.2-15.el6_5.1.x86_64.rpm
- x86_64: 16312fa5b190cd20b8ce2374e8ea2404aa17c849003dd080105e6225fc379df1 bash-doc-4.1.2-15.el6_5.1.x86_64.rpm
- Source: 063b6c42042d97a7aa32f8d058947275085a95a1545d1fe018bdc888e4dc093f bash-4.1.2-15.el6_5.1.src.rpm
CentOS 7 (bash-4.2.45-5.el7_0.2):
- x86_64: 4274e74893b2e3f31704befbd4c0968c68f153bfcd869c286d6df0a269280e87 bash-4.2.45-5.el7_0.2.x86_64.rpm
- x86_64: e1bddc9814dd79c97b6c7f04a94178cfae8fb4ece1fbdab8e36172db16e527b9 bash-doc-4.2.45-5.el7_0.2.x86_64.rpm
- Source: 06e77611ff4bb3014a34300277d94f43ad2f281e42eb86ee609a71d4e2c06174 bash-4.2.45-5.el7_0.2.src.rpm
Ubuntu Patch for Shellshock bug
- Ubuntu 14.04 LTS: bash 4.3-7ubuntu1.1
- Ubuntu 12.04 LTS: bash 4.2-2ubuntu2.2
- Ubuntu 10.04 LTS: bash 4.1-2ubuntu3.1
Red Hat Patch for Shellshock bug
- This issue affects all software that uses the Bash shell and parses values of environment variables. This issue is especially dangerous as there are many possible ways Bash can be called by an application. Quite often if an application executes another binary, Bash is invoked to accomplish this. Because of the pervasive use of the Bash shell, this issue is quite serious and should be treated as such.
- To avoid exploitation of CVE-2014-6271, ensure that your system is updated to at least the following versions of Bash. Note that this first fix was later found to be incomplete (the remaining issue is tracked as CVE-2014-7169), so install the newer bash packages your distribution publishes on top of these as soon as they are available.
- Red Hat Enterprise Linux 7 – bash-4.2.45-5.el7_0.2
- Red Hat Enterprise Linux 6 – bash-4.1.2-15.el6_5.1
- Red Hat Enterprise Linux 5 – bash-3.2-33.el5.1
- Red Hat Enterprise Linux 4 Extended Lifecycle Support – bash-3.0-27.el4.2
- Red Hat Enterprise Linux 5.6 Long Life – bash-3.2-24.el5_6.1
- Red Hat Enterprise Linux 5.9 Extended Update Support – bash-3.2-32.el5_9.2
- Red Hat Enterprise Linux 6.2 Advanced Update Support – bash-4.1.2-9.el6_2.1
- Red Hat Enterprise Linux 6.4 Extended Update Support – bash-4.1.2-15.el6_4.1
- SJIS for Red Hat Enterprise Linux 6 – bash-4.1.2-15.el6_5.1.sjis.1
- SJIS for Red Hat Enterprise Linux 5 – bash-3.2-33.el5_11.1.sjis.1
- In order to update to the most recent version of the Bash package run the following command:
# yum update bash
- Specify the package name and version to update to a particular build of Bash. For example, on a Red Hat Enterprise Linux 6.5 system run:
# yum update bash-4.1.2-15.el6_5.1
- The only way to fix it is to install updated Bash packages.
- Rebooting afterwards is the simplest way to be sure nothing is still running the old binary, although it is not strictly required for this fix: the vulnerable code runs when a Bash process imports its environment at startup, so every Bash started after the update already uses the fixed code.
- Carry out the following operation if the system cannot be rebooted.