"Shellshock" bash bug

Teo En Ming singapore.mr.teo.en.ming at gmail.com
Fri Sep 26 16:42:49 UTC 2014 

Finished patching.

Now my Ubuntu 14.04 LTS installation is safe from the shellshock bash 
vulnerability.

-- 
Yours sincerely,

Teo En Ming
Singapore



On 27/09/2014 00:38, Teo En Ming wrote:
> I have just found that my Ubuntu 14.04 LTS installation is vulnerable 
> to the Shellshock Bash vulnerability. Patching my Ubuntu 14.04 LTS 
> installation now.
>
> $ sudo apt-get update
> $ sudo apt-get upgrade
>
> -- 
> Yours sincerely,
>
> Teo En Ming
> Singapore
>
>
> On 27/09/2014 00:04, Teo En Ming wrote:
>> I have already made sure that my cPanel server is safe from the 
>> Shellshock Bash vulnerability. Now I am trying to confirm my wireless 
>> router is safe from the shellshock bug, which is also based on Linux.
>>
>> Link for further reading:
>>
>> http://seclists.org/snort/2014/q3/976
>>
>> Thanks for the information.
>>
>> -- 
>> Yours sincerely,
>>
>> Teo En Ming
>> Singapore
>>
>>
>> On 26/09/2014 23:43, Kevin O'Gorman wrote:
>>> There has been a code-injection vulnerability in bash for the last 
>>> 22 years, recently discovered and named "Shellshock".  It's nasty. 
>>> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271
>>>
>>> Here's a quick one-liner to see if you're vulnerable:
>>> $ env x='() { :;}; echo vulnerable'  bash -c "echo this is a test"
>>> vulnerable
>>> this is a test
>>> $
>>>
>>> If you get that result, update your bash from the repositories, and 
>>> all should be well:
>>> $ env x='() { :;}; echo vulnerable'  bash -c "echo this is a test"
>>> bash: warning: x: ignoring function definition attempt
>>> bash: error importing function definition for `x'
>>> this is a test
>>> $
>>>
>>> Safe computing to all
>>>
>>>
>>> -- 
>>> Kevin O'Gorman
>>> #define QUESTION ((bb) || (!b))  /* Shakespeare */
>>>
>>> 	Please consider the environment before printing this email.
>>>
>>>
>>>
>>>
>>
>>
>
>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20140927/806a7d10/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 441 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20140927/806a7d10/attachment.gif>

More information about the ubuntu-users mailing list