Recently, the United States Department of Homeland Security’s Computer Emergency Readiness Team (US-CERT) issued an alert regarding CVE-2014-6271, or the ‘Shellshock’ bug, a severe flaw in the bash Linux shell. This flaw allows attackers to gain complete control of a system with relative ease. A second vulnerability, CVE-2014-7169, was spotted while a patch was being written for the first.
The status for Codero customers as of 9/29:
Managed Services: Your servers have been patched for all five vulnerabilities and our technicians are actively monitoring your infrastructure.
Self managed: It is critical that you patch your servers against all five exploits immediately. If you have not updated bash since Sunday, Sept 28 at 1:11AM EST, your system is vulnerable. If you use CentOS, here are the instructions to patch against the first exploit (CVE-2014-6271). To patch against the second exploit (CVE-2014-7169), reference Red Hat’s instructions.
To patch against the three new vulnerabilities:
For CentOS 5, 6 and 7:
For Ubuntu 10, 12 and 14:
apt-get install bash
Full system update:
If you are interested in learning more about the Shellshock bug, please see below.
How does Shellshock work?
Shellshock leverages other software packages such as Apache or CPanel that in some way relay instructions through to bash to be executed. At its heart, the exploit is very simple; if a web request is crafted in a specific way, it can be used to execute any instruction the attacker wishes.
It’s important to note that this is any bash instruction, meaning the attacker could do anything from see who is logged in, to planting the classic Linux ‘fork bomb’ and rendering the system useless until repaired.
Which Linux distributions are affected?
Nearly every Linux distribution for the last 20 years is exploitable, including:
- CentOS 5
- CentOS 6
- CentOS 7
- Ubuntu 10
- Ubuntu 12
- Ubuntu 14
To get more information about Shellshock, visit Shellshocker.net for the latest updates.
Again, if you are not a Codero Managed Services customer, we strongly recommend you patch your Linux servers immediately. Should you require assistance, please contact our support technicians. We are always available 24x7x365 to help.
Tags: online security