Copyright 2021 Simon Quantrill, All Rights Reserved


Mon 29 September 2014


Bash is a shell environment that has been used for many years on Unix-type systems, namely Linux and Apple Mac (OS X). It has recently been discovered that Bash can be compromised. Access is gained via server access tools such as the ForceCommand feature in OpenSSH and the mod_cgi and mod_cgid modules in the Apache web server software.

It was considered that only a small amount of hacking knowledge is needed to exploit this bug, meaning that the effect would be widespread in a very short amount of time.

This bug affects almost anything running a vulnerable version of Bash, which includes most Linux systems and Apple Mac OS X.

To check if your machine has the bug, you can run this one-line script in a terminal session:

env x='() { :;}; echo You are vulnerable update bash NOW' bash -c "echo If you only see me then your not vulnerable your lucky"

Fixing this is fairly easy on Linux.

CentOS and Red Hat:

yum update

Debian Wheezy:

apt-get update && apt-get install --only-upgrade bash

Debian Squeeze:

If the server is running Squeeze, first edit /etc/apt/sources.list and add the line:

deb squeeze-lts main contrib non-free

apt-get update && apt-get install --only-upgrade bash

Debian Lenny (you really should upgrade):

Add these two lines to /etc/apt/sources.list:

deb lenny main
deb-src lenny main

apt-get update && apt-get install build-essential gettext bison

cd /usr/src


tar zxvf bash-3.2.tar.gz

cd bash-3.2

for i in $(seq -f "%03g" 1 54); do wget -nv$i; patch -p0 < bash32-$i; done

./configure && make

make install

mv /bin/bash /bin/bash.old

cp bash /bin/bash

bash --version

Apple OS X:

First get Xcode:

Run Xcode in the GUI first; you will need to agree to the license before you can run the command-line tools.

curl | tar zxf -

cd bash-92/bash-3.2

curl | patch -p0; curl | patch -p0; curl | patch -p0

cd ..;xcodebuild

sudo cp /bin/bash /bin/bash.bak; sudo cp /bin/sh /bin/sh.bak

sudo cp build/Release/bash /bin; sudo cp build/Release/sh /bin

sudo chmod a-x /bin/bash.bak /bin/sh.bak

Check that it's done:

bash --version
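
bash --version only shows the version string, so it is worth re-running the one-line check against every shell binary the steps above touch, including the backups. The script below is an added example, not part of the original post; the function names check_shell and audit_shells and the marker string are made up for it, and the default paths are the ones used on this page.

```sh
#!/bin/sh
# Added example: re-run the page's probe against every shell binary the fix
# steps touch. MARKER and both function names are made up for this example.
MARKER=SHELLCHECK_MARKER

# check_shell PATH -> prints vulnerable | not-vulnerable | not-executable | unknown
check_shell() {
    shell=$1
    [ -x "$shell" ] || { echo not-executable; return 2; }
    # Same probe as the one-liner: a function definition in x with a trailing
    # command. A fixed shell never runs the trailing echo.
    out=$(env x="() { :;}; echo $MARKER" "$shell" -c 'echo ok' 2>/dev/null) || true
    case $out in
        *"$MARKER"*) echo vulnerable;     return 1 ;;
        *ok*)        echo not-vulnerable; return 0 ;;
        *)           echo unknown;        return 3 ;;
    esac
}

# audit_shells PATH... -> one "path: result" line each; returns 1 if any is vulnerable
audit_shells() {
    rc=0
    for s in "$@"; do
        st=$(check_shell "$s") || true
        echo "$s: $st"
        if [ "$st" = vulnerable ]; then rc=1; fi
    done
    return "$rc"
}

# Default list: the live shells plus the backups the steps above leave behind.
[ "$#" -gt 0 ] || set -- /bin/bash /bin/sh /bin/bash.old /bin/bash.bak /bin/sh.bak
audit_shells "$@" || echo "at least one executable shell is still vulnerable"
```

The Lenny steps leave /bin/bash.old executable, so expect it to report vulnerable until you remove it or chmod a-x it, as the OS X steps do for their backups.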
