There is an easily way to check whether your server is vulnerable by the following command
Once execute the command you will get an output same as below there is no vulnerable.
# cd /tmp; rm -f /tmp/echo; env 'x=() { (a)=>\' bash -c "echo date"; cat /tmp/echo
date
cat: /tmp/echo: No such file or directory
If your server is vulnerable, then the following will be displayed (with the date):
# cd /tmp; rm -f /tmp/echo; env 'x=() { (a)=>\' bash -c "echo date"; cat /tmp/echo
bash: x: line 1: syntax error near unexpected token `='
bash: x: line 1: `'
bash: error importing function definition for `x'
Thu Oct 2 17:05:50 IST 2014
And the file /tmp/echo will be created.
You want to update Bash on your server, execute the commands
# yum clean all
# yum -y update bash
# yum -y update
# yum -y update bash
# yum -y update
referenced from the URL
Comments (0)