Regarding the "Shellshock" Bash Security Update

September 26, 2014 2.1k views
mesfinsx
By:
mesfinsx

Thanks for the update. Please let me know if these threats are serious and could cause any damages to the site. Please let me know if there is anything that I should be doing.

Thanks a lot!

Log In to Comment
2 Answers
asb MOD September 26, 2014

Hi!

In most cases, you will simply need to apply updates as normal. See this tutorial for all the details:

How to Protect Your Server Against the Shellshock Bash Vulnerability
by Mitchell Anicas
On September 24, 2014, a GNU Bash vulnerability, referred to as Shellshock or the "Bash Bug", was disclosed. In short, the vulnerability allows remote attackers to execute arbitrary code given certain conditions, by passing strings of code following environment variable...
Reply
TonyTsang September 27, 2014

Seems modern web server (not running cgi) is not affected

http://jaxbot.me/articles/cases-where-bash-shellshock-is-safe-09-25-2014

Simply apply the current updates & keep monitor upcoming security news is what we can do now.

Reply
Have another answer? Share your knowledge.