How to update Bash to secure Shellshock vulnerability
By now you’re probably aware that a serious Unix (Linux) vulnerability has been discovered. Named ‘Shellshock’, it affects Unix-based operating systems such as Linux and Mac OS X. If exploited, it can allow the running of arbitrary commands on Linux servers and can be used by hackers to gain remote control of servers and personal computers.
The aim of this post is to outline the steps you need to take to patch this vulnerability.
Shellshock is a Bash exploit that can allow the running of arbitrary commands on Linux servers.
This is a newly discovered bug and affects a very large number of servers.
There is a patch, and you should ensure that your server’s Bash version is updated ASAP.
What’s affected?
This has been reported worldwide by the media and isn’t specific to any particular company, so if you have hosting elsewhere and you’re unsure of the steps your web host or server administrator has taken, it’s vital to find out. You will also need to check any hardware you own running a Unix-based OS (e.g. desktops and laptops), and install recommended updates if they allow external SSH connections.
All versions of bash up to and including 4.3 are vulnerable.
All supported Linux distributions are affected and have released patches.
Debian: https://www.debian.org/security/2014/dsa-3035
Ubuntu: http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-7169.html
Fedora: https://lists.fedoraproject.org/pipermail/package-announce/2014-September/138687.html
CentOS: http://lists.centos.org/pipermail/centos-announce/2014-September/020593.html
More information from Red Hat: https://access.redhat.com/articles/1200223
Shared Web Hosting
If you’re on a shared hosting environment, chances are you don’t need to do anything and your host has already done this. Just ask them to confirm.
VPS, Hybrid Server & Dedicated Servers
If you have a VPS, Hybrid Server or Dedicated Server, and it is not managed, you will need to update!
Doing this is quite simple. Log in via SSH and run the following:
CentOS & Fedora use bash by default. To update:
yum -y update bash
rpm -q --changelog bash | grep -B1 -A1 CVE-2014-7169
This should return something like the following:
* Thu Sep 25 2014 Ondrej Oprala <ooprala@redhat.com> - 4.1.2-15.2
- CVE-2014-7169
Resolves: #1146322
Once you have successfully updated, we recommend that you reboot the server to make sure that there are no vulnerable invocations of bash running.
Ubuntu and Debian may not use bash by default. However, you still need to patch as bash is likely to be installed. To do this:
apt-get update && apt-get install --only-upgrade bash
Following the update, you should reboot the server to make sure that there are no vulnerable invocations of bash running.
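The script below is an added example, not part of the original post. It repeats the rpm changelog check shown above and then looks for the reason behind the reboot advice: processes still running the old bash binary, which Linux marks by appending " (deleted)" to the /proc/PID/exe target. The function names and the "report" argument are made up for this example.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): checks to run after updating bash.

# Succeeds if the changelog text on stdin lists the CVE-2014-7169 fix.
changelog_has_fix() { grep -q 'CVE-2014-7169'; }

# Succeeds if a /proc/PID/exe target is a bash binary that was replaced on disk
# after the process started; Linux appends " (deleted)" to such targets.
is_stale_bash() {
    case "$1" in
        *"/bash (deleted)") return 0 ;;
        *) return 1 ;;
    esac
}

# Prints the PID of every process under the given proc root (default /proc)
# that is still running a replaced bash binary.
stale_bash_pids() {
    local root="${1:-/proc}" dir target
    for dir in "$root"/[0-9]*; do
        target=$(readlink "$dir/exe" 2>/dev/null) || continue
        if is_stale_bash "$target"; then echo "${dir##*/}"; fi
    done
}

# Runs both checks on the local machine (the rpm check only where rpm exists).
report() {
    if command -v rpm >/dev/null 2>&1; then
        if rpm -q --changelog bash | changelog_has_fix; then
            echo "bash changelog lists the CVE-2014-7169 fix"
        else
            echo "bash changelog does NOT list CVE-2014-7169: update bash"
        fi
    fi
    local pids
    pids=$(stale_bash_pids)
    if [ -n "$pids" ]; then
        echo "still running the old bash binary (restart these or reboot):"
        echo "$pids"
    else
        echo "no process is running a replaced bash binary"
    fi
}

if [ "${1:-}" = "report" ]; then report; fi
```

Run it as root with the argument report so that the exe links of other users' processes are readable.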
If you have any questions or need help doing this, contact us.