CentOS Bash Patch – ShellShock

ShellSock – Patching

Unless you’ve been under a rock for the last few days you’ve probably heard about the new Bash exploit (CVE-2014-6271) ‘ShellShock’ that allows remote code execution through bash, because of the amount of servers and applications using the bash service it’s a fairly big deal in the security world.

How To Patch

Here’s a few simple commands to get your CentOS servers patched, please for your sake do this ASAP.

# Check if vulnerable
env x='() { :;}; echo Vulnerable system'  bash -c "echo Testing..."
 Vulnerable system
 Testing...
#
# If you need to access the web via a proxy, add that here.
nano ~/.bash_profile
export http_proxy=http://192.168.1.123:3128
# Apply the patch
yum update bash -y
# Remove proxy (if used
nano ~/.bash_profile
# export http_proxy=http://192.168.1.123:3128
# Check if vulnerable
env x='() { :;}; echo Vulnerable system'  bash -c "echo Testing..."
 Testing...
#

Any problems or questions, please leave a comment.

Technology enthusiastic with many ongoing online projects one of which is this personal blog PingBin.
While also working full time within a data center designing and maintaining the network infrastructure.

Leave a reply:

Your email address will not be published.