Shulou(Shulou.com)06/01 Report--

Today, I will talk to you about what is the emergency repair plan for serious vulnerabilities in Linux Bash. Many people may not know much about it. In order to make you understand better, the editor has summarized the following contents for you. I hope you can gain something according to this article.

Bash security vulnerability has just been revealed today. There is a security vulnerability in Bash, which directly affects Unix-based systems (such as Linux, OS X, etc.). The vulnerability will cause remote users to execute arbitrary code on the affected system.

[software and systems identified for successful use]

All Linux operating systems with GNU bash version less than or equal to 4.3 are installed.

[vulnerability description]

The flaw is due to special environment variables created before the bash shell you call, which can contain code and be executed by bash.

[vulnerability detection method]

Vulnerability detection command: $env Xerox'() {:;}; echo vulnerable' bash-c "echo this is a test"

Vulnerable

This is a test

If shown above, then, unfortunately, a security patch must be applied immediately.

[recommended patching scheme]

Special hint: this fix will not have any effect.

Select the command you need to fix based on the Linux version:

Centos:

Yum-y update bash

Ubuntu:

14.04 64bit

Wget http://mirrors.aliyun.com/fix_stuff/bash_4.3-7ubuntu1.1_amd64.deb & & dpkg-I bash_4.3-7ubuntu1.1_amd64.deb

14.04 32bit

Wget http://mirrors.aliyun.com/fix_stuff/bash_4.3-7ubuntu1.1_i386.deb & & dpkg-I bash_4.3-7ubuntu1.1_i386.deb

12.04 64bit

Wget http://mirrors.aliyun.com/fix_stuff/bash_4.2-2ubuntu2.2_amd64.deb & & dpkg-I bash_4.2-2ubuntu2.2_amd64.deb

12.04 32bit

Wget http://mirrors.aliyun.com/fix_stuff/bash_4.2-2ubuntu2.2_i386.deb & & dpkg-I bash_4.2-2ubuntu2.2_i386.deb

10. × 64bit

Wget http://mirrors.aliyun.com/fix_stuff/bash_4.1-2ubuntu3.1_amd64.deb & & dpkg-I bash_4.1-2ubuntu3.1_amd64.deb

10. × 32bit

Wget http://mirrors.aliyun.com/fix_stuff/bash_4.1-2ubuntu3.1_i386.deb & & dpkg-I bash_4.1-2ubuntu3.1_i386.deb

Debian:

7.5 64bit & & 32bit

Apt-get-y install-- only-upgrade bash

6.0.x 64bit

Wget http://mirrors.aliyun.com/debian/pool/main/b/bash/bash_4.1-3%2bdeb6u1_amd64.deb & & dpkg-I bash_4.1-3+deb6u1_amd64.deb

6.0.x 32bit

Wget http://mirrors.aliyun.com/debian/pool/main/b/bash/bash_4.1-3%2bdeb6u1_i386.deb & & dpkg-I bash_4.1-3+deb6u1_i386.deb

Opensuse:

13.1 64bit

Wget http://mirrors.aliyun.com/fix_stuff/bash-4.2-68.4.1.x86_64.rpm & & rpm-Uvh bash-4.2-68.4.1.x86_64.rpm

13.1 32bit

Wget http://mirrors.aliyun.com/fix_stuff/bash-4.2-68.4.1.i586.rpm & & rpm-Uvh bash-4.2-68.4.1.i586.rpm

Aliyun linux:

5.x 64bit

Wget http://mirrors.aliyun.com/centos/5/updates/x86_64/RPMS/bash-3.2-33.el5.1.x86_64.rpm & & rpm-Uvh bash-3.2-33.el5.1.x86_64.rpm

5.x 32bit

Wget http://mirrors.aliyun.com/centos/5/updates/i386/RPMS/bash-3.2-33.el5.1.i386.rpm & & rpm-Uvh bash-3.2-33.el5.1.i386.rpm

[patch completion test]

After upgrading bash, perform the test:

$env echo this is a test'() {:;}; echo vulnerable' bash-c "echo this is a test"

Bash: warning: x: ignoring function definition attempt

Bash: error importing function definition for `x'

This is a test

If shown above, the vulnerability has been fixed.

After reading the above, do you have any further understanding of the emergency fix for serious vulnerabilities in Linux Bash? If you want to know more knowledge or related content, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.