Fixing CVE-2014-6271
In many common configurations, this vulnerability is exploitable over the network.
Chet Ramey, the GNU bash upstream maintainer, will soon release official upstream patches.
Issue with CVE-2014-6271
http://seclists.org/oss-sec/2014/q3/649
Stephane Chazelas discovered a vulnerability in bash, related to how environment variables are processed: trailing code in function definitions was executed, independent of the variable name.
Quick responses from distributions
Ubuntu’s statement is available here: http://www.ubuntu.com/usn/usn-2362-1/
CentOS released this: http://lists.centos.org/pipermail/centos-announce/2014-September/020582.html
RedHat released this: https://access.redhat.com/solutions/1207723
Are you vulnerable to CVE-2014-6271?
On your GNU/Linux system, type echo $0. If the output is -bash, you are running bash.
Test whether your system is vulnerable. Make sure your shell is bash; if it isn't, type bash to start a bash shell, then run:
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
You are vulnerable if the output is:
vulnerable
this is a test
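The canary test above can be wrapped so that it runs unattended (for example across a fleet of hosts) and returns an exit status instead of relying on eyeballing the output. This is an added example, not from the original post; it assumes only that a bash binary may or may not be on PATH.

```shell
#!/bin/sh
# Added example: wraps the post's CVE-2014-6271 check in a script that
# classifies the result and reports it via exit status.

# Classify captured output of the canary test. A vulnerable bash executes the
# trailing "echo vulnerable" while importing the function from the environment;
# a patched bash prints only "this is a test" (and a warning on stderr).
classify_output() {
    case "$1" in
        *vulnerable*)        echo "vulnerable" ;;
        *"this is a test"*)  echo "patched" ;;
        *)                   echo "unknown" ;;
    esac
}

# Run the same test the post shows against whatever bash is on PATH.
# Exit status: 0 = patched, 1 = vulnerable, 2 = no bash found, 3 = unknown.
check_shellshock() {
    if ! command -v bash >/dev/null 2>&1; then
        echo "no-bash"
        return 2
    fi
    out=$(env x='() { :;}; echo vulnerable' bash -c "echo this is a test" 2>/dev/null)
    result=$(classify_output "$out")
    echo "$result"
    case "$result" in
        patched)    return 0 ;;
        vulnerable) return 1 ;;
        *)          return 3 ;;
    esac
}

# Report for this host; check $? afterwards (see the status table above).
check_shellshock || :
```

Run it before and after applying the vendor patch; the script should move from "vulnerable" to "patched".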
Fix CVE-2014-6271 on Ubuntu
Type this
sudo apt-get update && sudo apt-get --only-upgrade install bash
On Ubuntu 10.04 LTS you may need to use
sudo apt-get update && sudo apt-get install bash
Ensure that the output contains something like this:
The following packages will be upgraded:
bash
1 upgraded, 0 newly installed, 0 to remove…
Test for vulnerability again. If possible, reboot the system.
Fix CVE-2014-6271 on CentOS
On Red Hat/CentOS, use this command and then test for the vulnerability again:
sudo yum clean all && sudo yum update bash
Ensure that the output contains something like this:
Updated:
bash.x86_64 0:3.2-33.el5.1 (your version may be different)