A major security bug has been discovered in the GNU Borne Again Shell (Bash) – a command-line shell that’s used across a wide array of Linux and Unix operating systems. The bug leaves systems running these OS’s open to the attack, and is centred around how Bash handles environmental variables that are passed by the operating system or through a program that calls a Bash-based script. What’s even more worrying is those who are running networks with these affected operating systems, as if Bash has been configured to be the default system shell – it’s capable that network-based attacks can be launched against servers and linked systems via web requests, secure shell, telnet sessions – or any other programs that utilises Bash to execute scripts.
This is a deep and widespread conundrum – one that’s potentially on the same scale as the Heartbleed bug that was discovered earlier this year. The global scale of systems and networks that are potentially compromised by the newly discovered security hole is enormous. Thankfully there is a rather easy method to determine if your particular Linux or Unix system is vulnerable. Simply open up your command line and enter:
env x='() { :;}; echo vulnerable’ bash -c “echo this is a test”
If the system is vulnerable, the output will be:vulnerable
this is a test
An unaffected (or patched) system will output:bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x’
this is a test
System administrators are urged to update their versions of Bash to the latest version to ensure resistance against the bug. Downloading the patched builds are available here for CentOS, Ubuntu and Debian.
Thanks to TheVerge for providing us with this information.
The CYCLEDESK 100 is not just an ordinary gaming desk, it is designed for a…
The NZXT Lift 2 is an symmetrical mouse that goes the distance. Its lightweight design…
The MAG B650 TOMAHAWK WIFI is a gaming oriented ATX motherboard constructed around the latest…
Experience incredible performance, visuals, and efficiency when gaming and streaming with the AMD Radeon™ RX…
Welcome to the new era of performance. AMD Ryzen 7000 Series ushers in the speed…
Take a step into the future with the Z790 Gaming Plus Wifi motherboard, designed and…