Bash Shellshock fix with scripts for Debian, Ubuntu, CentOS and other distros. including old Rumi, October 3, 2014December 19, 2014 First check if your Bash is vulnerable, execute the following command- env x='() { :;}; echo vulnerable’ bash -c ‘echo this is a test’ If your system is vulnerable, you will see: vulnerable this is a test If your system is not vulnerable, you will see: bash: warning: x: ignoring function definition attempt bash: error importing function definition for `x’ this is a test To check for the vulnerability CVE-2014-6271, run the following in Bash: env X='() { (a)=>\’ sh -c “echo date”; cat echo If your system is vulnerable, you will see: bash: X: line 1: syntax error near unexpected toke `=’ bash: X: line 1: `’ bash: error importing function for `X’ Sun Sep 08:17:32 EST 2014 If your system is not vulernable, you will see: date cat: echo: No such file or directory To test the vulnerability CVE-2014-7186, run the following in Bash: bash -c ‘true <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF’ || echo “CVE-2014-7186 vulnerable, redir_stack” If your system is not vulnerable, you will see: bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) bash: warning: here-document at line 0 delimited by end-of-file (wanted `EOF’) So, let’s start fixing it! Below, I’ve tried to put various contributors solution to place in a single entry. For Debian 6 (Squeeze) Append this to your sources.list: deb http://http.debian.net/debian squeeze-lts main contrib non-free deb-src http://http.debian.net/debian squeeze-lts main contrib non-free and then run apt-get update apt-get install -t squeeze-lts –only-upgrade bash For Redhat/CentOS: Update the bash using yum (or other package management utility for your appropriate distribution) yum update bash On RedHat 5 (and CentOS 5), the following is the bash version after the update, which fixed the vulnerability. # rpm -qa | grep bash bash-3.2-33.el5_11.4 On RedHat 6 (and CentOS 6), the following is the bash version after the update, which fixed the vulnerability. # rpm -qa | grep bash bash-4.1.2-15.el6_5.2.x86_64 Wait! It’s not over yet! But above all I found this excellent scrpt from GIT contributor, that really works on various Ubuntu, Debian distribution (even some old distros). deshellshock Resource Link- http://www.thegeekstuff.com/2014/09/bash-shellshock-fix-cve-2014-7169/ http://unix.stackexchange.com/questions/157787/legacy-debian-versions-and-bash-shellshock http://unix.stackexchange.com/questions/157414/how-to-only-install-security-updates-on-debian https://raw.githubusercontent.com/pbkwee/deshellshock/master/deshellshock.sh https://www.linode.com/docs/security/security-patches/patching-bash-for-the-shellshock-vulnerability Related Administrations Configurations (Linux) Scripts BashCentOSDebianShellStickyUbuntu
Installing WINE on Centos December 6, 2008 Wine is not installed by default using “Yum install win” Solution: You have to enable EPEL (Extra Packages for Enterprise Linux) repo and install the packages: Related Read More
Install SmokePing on CentOS 7 August 6, 2021August 7, 2021 This tutorial explains how to install Tobias Oetiker’s Smokeping into /opt/smokeping on a CentOS 7 box. Features of Smokeping: – Best of breed latency visualisation. – Interactive graph explorer. – Wide range of latency measurement plugins. – Master/Slave System for distributed measurement. – Highly configurable alerting system. – Live Latency… Read More
Sectigo SSL certificate installation on Zimbra March 30, 2021 1. Login to your Zimbra Admin Console using a browser. 2. In the left navigation pane under Home click Configure. Click Certificate. 3. On the right of the Zimbra Admin console click on the settings icon and select Install Certificate. 4. The Certificate Installation Wizard will pop up. 5. Under… Read More