Debian 6 Bash Vulnerability

Hello guys,

 

I will now let you know the steps involved to protect your Debian6 system from Bash Vulnerability. To check your system against vulnerability, please use the below command

root@debian6:~# env 'VAR=() { :;}; echo Bash is vulnerable!' 'FUNCTION()=() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"

If it returns the following output, then your system is vulnerable. You will get the below output

Bash is vulnerable!
Bash Test

To fix this we would need to upgrade bash, the default repository won’t have a bash patch, hence we would need to use an additional repositry. Please find the commands below to complete it.

Step1: Add the below entry to your /etc/apt/sources.list file.

deb http://ftp.us.debian.org/debian squeeze-lts main non-free contrib

 

Step2: then execute the update commands

root@debian6:~# apt-get update
root@debian6:~# apt-get install --only-upgrade bash

 

That’s it, now you can test the server using the same testing command which we used earlier.

 

root@debian6:~# env 'VAR=() { :;}; echo Bash is vulnerable!' 'FUNCTION()=() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"
Bash Test

That’s it, your Debain6 system is protected from ShellShock vulnerability.

Reference: http://unix.stackexchange.com/questions/157805/bash-vulnerability-cve-2014-6271-shellshock-fix-on-debian-squeeze

Leave a Reply

Protected by WP Anti Spam