Under Linux bash critical vulnerability fix upgrade method-vulnerability warning-the black bar safety net

2014-10-03T00:00:00
ID MYHACK58:62201454274
Type myhack58
Reporter 佚名
Modified 2014-10-03T00:00:00

Description

By Linux official built-in Bash in the newly discovered a very serious security vulnerability, vulnerability reference: https://access. redhat. com/security/cve/CVE-2 0 1 4-6 2 7 1, a hacker can take advantage of the Bash vulnerabilities in complete control of the target system and attack, in order to avoid yourLinux serveris affected, we recommend that you as soon as possible to complete the vulnerability patched, the repair method is as follows, please understand!

【Confirmed to be successful the use of the software and system] All installed GNU bash version is less than or equal to 4. 3 Linux operating system.

The [vulnerability description] The vulnerability stems from you calling the bash shell before creating the special environment variables, these variables can contain code, and it will be bash execution. 【Recommended repair plan

Please according to your Linux version of choice you need to repair the command, in order to prevent accidents from happening, we recommend that you execute the command before the backup of important data, the centos: yum clean all yum-y update bash

debian: apt-get-y install --only-upgrade bash

ubuntu: the

http://www.ubuntu.com/usn/usn-2362-1/ 参考 这个

Please pay attention to this thing. A timely upgrade.