A vulnerability in the Linux Bash shell may allow for an attacker to execute code on a server and open the door to other attacks taking place that could lead to the server becoming fully compromised.

Affected distributions include:

  • Red Hat Enterprise Linux (versions 4 – 7)
  • Fedora
  • CentOS (versions 5 – 7)
  • CloudLinux
  • Debian

If you are running cPanel with auto-updates turned on there will be no further action required as this will be automatically fixed.

To test your system for the exploit, you can run this command from shell:

$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If the bug exists you will see this message on screen:

vulnerable
this is a test

Most Linux distributions have issued a fix, and for Redhat, CloudLinux and CentOS systems you can run yum update which will bring down the updated version of Bash.

Your system is no longer vulnerable if the above test returns this:

$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test

If you require any assistance with updating or checking your VPS/Server please contact our support team on the help desk.

Leave a Reply

Your email address will not be published. Required fields are marked *

About Host Media

We have been hosting websites since 2002 and are always moving forward. All articles written under the Host Media author are created by the team who support our customers.

Category

Hosting Industry, Internet News, Server News

Tags

, , ,