Bash Vulnerability (CVE-2014-6271 and CVE-2014-7169)
- tech2blog.com
- Sep 28, 2014
- 3 min read
Bash is one of the very advance and most used Shell in UNIX/Linux environment due to its enormous features and has become an industry standard. But on 24th September 2014 all the bash lovers were shocked to know that their lovable bash can be exploited and anyone can play with their UNIX/LINUX servers very easily. This security flaw is also called as ShellShock or Bash Vulnerability by some of the engineers and researchers.
What is Bash ?
If you are not UNIX/LINUX user, then you must not be knowing BASH and must be familiar with Windows command prompt.
Bash stands for Bourne-Again SHell. It’s a free UNIX/LINUX computer package or program that allows users to type commands and executes them. Basically it is interpreter between human and UNIX kernel and has very awesome features which I am not going to discuss here.
What is Bash Vulnerability or ShellShock?
Bash vulnerability or ShellShock (CVE-2014-6271 and CVE-2014-7169) is a exposure in GNU’s bash shell that gives hackers access to run any harmful commands on a vulnerable UNIX/LINUX servers through specially-crafted environment variables and the attackers can easily steal your important data remotely.
Recommended Reading: Red hat Update on BASH Vulnerability
Who is affected by Bash Vulnerability (CVE-2014-6271 and CVE-2014-7169)
Every computer in the world that is having UNIX/LINUX operating system or OS based on UNIX and using bash are impacted by this vulnerability. If your machine/server is running Bash version 1.14.0 or later till bash:4.3, then your system can be easily attacked exploiting bash. All the effected Bash version can be checked at national vulnerability database website.
This is wholly true for Mac OS and Android user as well as these operating systems also depend upon UNIX kernel.
Don’t worry currently Android users are safe as they did not use the BASH shell but Mac OS user needs to be aware. Though Mac OS does not use bash in an unsafe way but it is always better if you install latest security patches.
Microsoft windows user are all safe as they does not use Bash shell including Windows phone.
Tip: Most of the web hosting servers are UNIX/LINUX based so If you are a website owner or a blogger do contact your hosting provider if they are safe from this vulnerability and had applied the required patches.
I have already opened support ticket with hostgator for bash vulnerability and you should also do the same with your web hosting service provider.
Testing Your System for Bash Vulnerability
Testing your UNIX/LINUX server, desktop or Mac OS for Bash Vulnerability is very easy and you should do it. These exploit test shows if your system is vulnerable or not. You can also test your web host server in a similar way. Use our article on how to SSH your web server.
Test 1 (CVE-2014-6271)
Enter below commands on you UNIX terminal.
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
If you see “vulnerable” on your output screen, you need to update bash. As you can see above screenshot where we are getting word “vulnerable” on our output, means we are ready to be exploited and my system current bash version is bash-4.1.2-15.el6_4.x86_64.
Test 2 (CVE-2014-7169)
env X='() { (shellshocker.net)=>\' bash -c "echo date"; cat echo ; rm -f echo
The second test here displayed the date and some error, date means our system is vulnerable and bash needs to be updated.
How to Resolve/Fix Bash Vulnerability
If you don’t want to get exploited by this recent bash bug, then you can do the below 2 things to get rid of it.
1. Uninstall Bash and start using other shells like KSH, CSH, SH, ZSH etc.
2. Update your bash shell to most recent available version and test above things.
Attacker has already started scanning systems which can be exploited and and in a blog post I read that someone is already using a massive Internet scan to find vulnerable servers and system for attack and he was able to find over 3,000 servers that were vulnerable “just on port 80” which is a port used for normal Web Hypertext Transfer Protocol (HTTP) requests.
I have written about this security threat lately here as I was myself busy in updating bash shell for many UNIX servers for a client. If you have any issue or doubt regarding Bash vulnerability please let me know and I will try to help but first of all go get your bash shell updated as all the UNIX/LINUX vendor has already released the working patch for this bug.
Comments