Running a VPS/Server? Watch out for the Shell Shock bug
From Bash Bug May Be Worse Than Heartbleed
CVE-2014-6271, a vulnerability in the command shell Bash, affects many Linux- and UNIX-based systems. Although no exploits have yet been seen in the wild, the pervasiveness and ease of exploit have earned it a CVSS score of 10. The bug makes remote code execution possible, even though Bash itself does not handle data from remote users. |
From September | 2014 | Ars Technica
There is an easy test to determine if a Linux or Unix system is vulnerable. To check your system, from a command line, type: PHP Code: PHP Code: PHP Code: |
To update your CentOS/RedHat/Amazon Linux server you can run:
sudo update bash
sudo apt-get update && sudo apt-get install --only-upgrade bash
Now go patch your systems!!!