
Remote exploit vulnerability in bash CVE-2014-6271

A remotely exploitable vulnerability has been found in bash on Linux. The vulnerability has the CVE identifier CVE-2014-6271. This affects all Linux distributions and could pose a bigger threat to computers than the “Heartbleed” bug that was discovered in April, so you need to patch servers ASAP.

The exploit can potentially be used to execute arbitrary code through environment variables that are passed to child processes. This could include CGI scripts, where the web server passes environment variables through to a child process that is run by a vulnerable version of bash.

Both Debian and RedHat have provided updated binaries, and other operating system vendors are expected to follow quickly.

More OS specific details can be found below.

Debian

Ubuntu

RedHat/Fedora

You can verify whether your server is vulnerable to this exploit by executing the following command.

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If it reports “vulnerable this is a test”, then you need to apply the security update ASAP, but if you see something like the output below, then you're good.

bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test
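A server can carry more than one bash binary, so the check above is worth running against each of them. The script below is an added example, not part of the original post: it wraps the same probe and classifies the output. The candidate paths and function names are assumptions, and a "patched" verdict covers only the CVE-2014-6271 probe shown on this page, not CVE-2014-7169.

```shell
#!/bin/sh
# Added example: audit every bash binary on a host with the probe from this page.

# Classify probe output: prints vulnerable | patched | inconclusive.
classify_probe_output() {
    # A line consisting only of "vulnerable" means the injected echo ran.
    if printf '%s\n' "$1" | grep -qx 'vulnerable'; then
        echo vulnerable
    elif printf '%s\n' "$1" | grep -qx 'this is a test'; then
        echo patched
    else
        echo inconclusive
    fi
}

# Run the page's probe against one binary; prints missing if not executable.
check_bash() {
    if [ ! -x "$1" ]; then
        echo missing
        return 0
    fi
    probe_out=$(env x='() { :;}; echo vulnerable' "$1" -c 'echo this is a test' 2>&1) || true
    classify_probe_output "$probe_out"
}

# Candidate paths (assumed locations): /etc/shells, PATH, common install dirs.
list_bash_binaries() {
    {
        if [ -r /etc/shells ]; then grep -E '/bash$' /etc/shells || true; fi
        command -v bash || true
        printf '%s\n' /bin/bash /usr/bin/bash /usr/local/bin/bash
    } 2>/dev/null | sort -u
}

# Print "path<TAB>verdict" per binary; return 1 if any is vulnerable.
audit_bash() {
    audit_status=0
    for bin in $(list_bash_binaries); do   # assumes paths without whitespace
        verdict=$(check_bash "$bin")
        if [ "$verdict" = missing ]; then continue; fi
        printf '%s\t%s\n' "$bin" "$verdict"
        if [ "$verdict" = vulnerable ]; then audit_status=1; fi
    done
    return "$audit_status"
}

# Run the audit only when invoked as: sh audit_bash.sh --audit
if [ "${1:-}" = "--audit" ]; then audit_bash; fi
```

The non-zero exit status on a vulnerable binary lets the script be used from cron or a configuration-management run to flag hosts that still need the update.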

[UPDATE]:

The initial round of patches to fix CVE-2014-6271 has proven ineffective at fully resolving the issue. A new CVE identifier, “CVE-2014-7169”, has been issued and vendors have already provided a new patch for it, so everyone is required to apply the new update.