How to protect Mac or Linux against the Shellshock exploit, aka the Bash vulnerability

Earlier we warned you about the Heartbleed bug in OpenSSL. Now Unix systems have a new bug called the bash bug, aka Shellshock. This is a serious bug in Unix-based systems such as Mac, Linux and other open-source Linux distributions. Shellshock can use bash scripts to intrude into Linux or Mac. It can be exploited to launch programs, enable features, and access files. This is one big security hole that can lead to a massive chain of attacks on Linux servers around the world. All bash versions equal to or below 3.2.51(1)-release are vulnerable to Shellshock threats.

This is what average Linux and Mac users can do to protect their systems against Shellshock:

Step 1. Check your system bash version

Go to the terminal and type this command:

bash --version

If your bash version is below 3.2.51(1)-release, your system is potentially at risk. Follow step 2 to confirm whether there is a risk or not.

 
Step 2. Check system for Shellshock vulnerability

Go to the terminal and type this command:

env x='() { :;}; echo system is' bash -c 'echo vulnerable'

 

If your system does not have the bash bug, it will print the message below:

bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
vulnerable

 

If you get the message below, then your computer (Mac or Linux) is vulnerable to Shellshock:

system is
vulnerable

 

In case your system is vulnerable to Shellshock, you can fix it by applying suitable patches. Follow step 3 to protect Mac or Linux against any possible Shellshock exploits.
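
The checks in steps 1 and 2 can be scripted so that every bash binary on the machine is tested, not only the first one on the PATH. This is an added example, not part of the original article; the function names and the list of candidate paths are assumptions.

```shell
#!/bin/sh
# Added example (not from the original article): automates steps 1 and 2.

# classify_output TEXT
# Interprets the text printed by the step 2 probe.
#   vulnerable - the command placed after the function body was executed
#   patched    - only the intended 'echo vulnerable' ran
#   unknown    - neither line appeared (e.g. the binary could not be run)
classify_output() {
    if printf '%s\n' "$1" | grep -qx 'system is'; then
        echo vulnerable
    elif printf '%s\n' "$1" | grep -qx 'vulnerable'; then
        echo patched
    else
        echo unknown
    fi
}

# probe_bash [PATH]
# Runs the article's step 2 command against one bash binary
# (defaults to whichever bash is first on the PATH).
probe_bash() {
    bin=${1:-bash}
    out=$(env x='() { :;}; echo system is' "$bin" -c 'echo vulnerable' 2>&1) || true
    classify_output "$out"
}

# Candidate paths are assumptions about where bash is commonly installed;
# add any other locations used on your system.
for candidate in /bin/bash /usr/bin/bash /usr/local/bin/bash /opt/homebrew/bin/bash; do
    [ -x "$candidate" ] || continue
    version=$("$candidate" --version 2>/dev/null | head -n 1)
    printf '%s: %s [%s]\n' "$candidate" "$(probe_bash "$candidate")" "$version"
done
```

A result of patched means only that this particular probe did not fire; unknown means the binary could not be run or printed something unexpected.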

 

Step 3. If found vulnerable, apply patch 

Thanks to a few generous bloggers on the internet who have already written detailed instructions on how to fix the Shellshock bug:

Most new Linux and Mac bash versions do not have the Shellshock vulnerability; however, old systems are very much open to these bash bug attacks.
