We have been made aware of a serious security vulnerability in Bash that
affects multiple operating systems and applications. Some of the reported OS includes:
- Red Hat Enterprise Linux / CentOS 7
- Red Hat Enterprise Linux / CentOS 6
- Red Hat Enterprise Linux / CentOS 5
- Red Hat Enterprise Linux / CentOS 4 (ELS)
- Ubuntu 10, 12, 14
- Debian
To determine if a Linux or Unix system is vulnerable, run the following command lines in your linux shell:
- env X="() { :;} ; echo shellshock" /bin/sh -c "echo completed"
- env X="() { :;} ; echo shellshock" `which bash` -c "echo completed"
If you see the words "shellshock" in the output, errrrr… then you are at risk.
If you are running on CPanel, you need not to worry, as the CPanel system automatically updates itself to the latest fix available.
If you are running with CPanel or not configuring the auto update using yum, you can run the following command:
# yum update bash
This will update your bash into the latest version with the fix of this issue.