The recently discovered ShockShell vulnerability affects many Linux and Mac systems, because they are using the vulnerable BASH shell.
How do I know if I am vulnerable to this attack and how do I protect myself from it?
Asked
Active
Viewed 2,865 times
1 Answers
-1
The ShockShell vulnerability affects many systems.
Is my system affected?
If you want to check if your system is affected, run the following command inside a terminal window running bash. Ubuntu's gnome-terminal runs bash by default (to see if you are running bash, then run echo $SHELL, and if it echoes bash then you run bash) :
env x='() { :;}; echo vulnerable' bash -c 'echo hello'
If your system is vulnerable, then you will see this:
vulnerable
hello
If it is not vulnerable you will see this:
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for 'x'
hello
How do I protect myself?
Programmers have quickly released patches for this vulnerability, so make sure that you have the latest versions of all the packages in your system installed:
sudo apt-get update && sudo apt-get upgrade
This will upgrade your bash version to the latest, patched one and you should be safe.
Why is this vulnerability serious?
This vulnerability is said by some to be more serious than the HeartBleed vulnerability because it allows remote execution of commands through bash to the infected systems.
hytromo
- 4,904
env X='() { (a)=>\' bash -c "echo echo vuln"; [[ "$(cat echo)" == "vuln" ]] && echo "still vulnerable :(". See also here. Also,echo $SHELLdoes not print the shell you're running, it just prints your default andgnome-terminaldoes not run any shell by default, that depends on your user's settings and is completely independent of the terminal. – terdon Sep 25 '14 at 20:27