Hello guys,
I will now let you know the steps involved to protect your Debian6 system from Bash Vulnerability. To check your system against vulnerability, please use the below command
root@debian6:~# env 'VAR=() { :;}; echo Bash is vulnerable!' 'FUNCTION()=() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"
If it returns the following output, then your system is vulnerable. You will get the below output
Bash is vulnerable! Bash Test
To fix this we would need to upgrade bash, the default repository won’t have a bash patch, hence we would need to use an additional repositry. Please find the commands below to complete it.
Step1: Add the below entry to your /etc/apt/sources.list file.
deb http://ftp.us.debian.org/debian squeeze-lts main non-free contrib
Step2: then execute the update commands
root@debian6:~# apt-get update root@debian6:~# apt-get install --only-upgrade bash
That’s it, now you can test the server using the same testing command which we used earlier.
root@debian6:~# env 'VAR=() { :;}; echo Bash is vulnerable!' 'FUNCTION()=() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test" Bash Test
That’s it, your Debain6 system is protected from ShellShock vulnerability.