cpanel-bash-shellshock-vulnerability

On September 24th, a vulnerability was reported in the GNU Bourne-Again-Shell (BASh, or Bash), specifically a flaw with how Bash processes values of environment variables, that allows remote code execution of varying types in many common configurations. The overall risk is severe due to bash being configured for use, by default, on most Linux servers.

What is Shellshock?

This flaw exploits Bash, a Unix command-line shell run by default on most Linux servers. Allows for remote code execution, and many types of command-line based attacks.

How to check your web server for vulnerability?

Log into your server and via ssh / terminal and run this command:

[[email protected] ~]# env x='() { :;}; echo vulnerable' bash -c 'echo hello'

If you are vulnerable it will return:

[[email protected] ~]# env x='() { :;}; echo vulnerable' bash -c 'echo hello'
vulnerable
hello

To fix it will depend on your LINUX distribution but you will want to reinstall or update, which ever you prefer:


#sudo apt-get install bash

- or - 

#sudo yum update bash

Once complete, rerun the test and you will get:

[[email protected] ~]# env x='() { :;}; echo vulnerable' bash -c 'echo you are safe now'
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
you are safe now