Bash Shellshock fix with scripts for Debian, Ubuntu, CentOS and other distros. including old Rumi, October 3, 2014December 19, 2014 First check if your Bash is vulnerable, execute the following command- env x='() { :;}; echo vulnerable’ bash -c ‘echo this is a test’ If your system is vulnerable, you will see: vulnerable this is a test If your system is not vulnerable, you will see: bash: warning: x: ignoring function definition attempt bash: error importing function definition for `x’ this is a test To check for the vulnerability CVE-2014-6271, run the following in Bash: env X='() { (a)=>\’ sh -c “echo date”; cat echo If your system is vulnerable, you will see: bash: X: line 1: syntax error near unexpected toke `=’ bash: X: line 1: `’ bash: error importing function for `X’ Sun Sep 08:17:32 EST 2014 If your system is not vulernable, you will see: date cat: echo: No such file or directory To test the vulnerability CVE-2014-7186, run the following in Bash: bash -c ‘true <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF’ || echo “CVE-2014-7186 vulnerable, redir_stack” If your system is not vulnerable, you will see: bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) So, let’s start fixing it! Below, I’ve tried to put various contributors solution to place in a single entry. For Debian 6 (Squeeze) Append this to your sources.list: deb http://http.debian.net/debian squeeze-lts main contrib non-free deb-src http://http.debian.net/debian squeeze-lts main contrib non-free and then run apt-get update apt-get install -t squeeze-lts –only-upgrade bash For Redhat/CentOS: Update the bash using yum (or other package management utility for your appropriate distribution) yum update bash On RedHat 5 (and CentOS 5), the following is the bash version after the update, which fixed the vulnerability. # rpm -qa | grep bash bash-3.2-33.el5_11.4 On RedHat 6 (and CentOS 6), the following is the bash version after the update, which fixed the vulnerability. # rpm -qa | grep bash bash-4.1.2-15.el6_5.2.x86_64 Wait! It’s not over yet! But above all I found this excellent scrpt from GIT contributor, that really works on various Ubuntu, Debian distribution (even some old distros). deshellshock Resource Link- http://www.thegeekstuff.com/2014/09/bash-shellshock-fix-cve-2014-7169/ http://unix.stackexchange.com/questions/157787/legacy-debian-versions-and-bash-shellshock http://unix.stackexchange.com/questions/157414/how-to-only-install-security-updates-on-debian https://raw.githubusercontent.com/pbkwee/deshellshock/master/deshellshock.sh https://www.linode.com/docs/security/security-patches/patching-bash-for-the-shellshock-vulnerability Related Administrations Configurations (Linux) Scripts BashCentOSDebianShellStickyUbuntu
Installing MondoArchive in Debian 6 May 24, 2013 MondoArchive is an excellent backup tool found in Linux. However, the installation process is not obviously clear in debain- it lacks of a simple clue to let you know how to install in the easiest way in debian by using 'apt-get'. All you need is to add this simple repository… Read More
Install nginx using yum on CentOS or SL Linux October 25, 2013 Step #1: Install nginx repo Type the following wget command to install nginx yum configuration file: # cd /tmp CentOS Linux v6.x user type the following command: # wget http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm # rpm -ivh nginx-release-centos-6-0.el6.ngx.noarch.rpm RHEL v6.x user type the following command: # wget http://nginx.org/packages/rhel/6/noarch/RPMS/nginx-release-rhel-6-0.el6.ngx.noarch.rpm # rpm -ivh nginx-release-rhel-6-0.el6.ngx.noarch.rpm Related Read More
Add Geolocation to Graylog 2 August 16, 2020 The Graylog Map Widget is the plugin providing geolocation capabilities to Graylog. The plugin is compatible with Graylog 2.0.0 and higher, and it is installed by default, although some configuration is still required on your side. This section explains how to configure the plugin in detail. In case you need to reinstall the… Read More