General > Users
Shellshock vulnerability - do we need to do anything?
purps:
Not wanting to start a panic or anything, but thought I should ask the question seeing as we are all using Linux and not only that, using it as a gateway/router.
I had an email come round at work warning us of this potential weakness. It was recommended we run the following command...
--- Quote ---env X="() { :;} ; echo vulnerable" /bin/sh -c "echo this is a test
--- End quote ---
...to see if we are vulnerable. If I am to believe this test, then apparently I am.
What can we do, if anything?
Cheers,
Matt.
coley:
--- Code: ---apt-get update && apt-get upgrade
--- End code ---
should sort you out - updated bash packages have been released already.
-Coley.
purps:
Yeah I was afraid somebody might say that :-)
Is there any way to upgrade only the packages affected by this issue?
Cheers,
Matt.
coley:
--- Code: ---sudo apt-get install bash
--- End code ---
-Coley.
purps:
I'm getting the following error:
--- Code: ---Reading package lists... Done
Building dependency tree
Reading state information... Done
Suggested packages:
bash-doc
Recommended packages:
bash-completion
The following packages will be upgraded:
bash
1 upgraded, 0 newly installed, 0 to remove and 172 not upgraded.
Need to get 0B/647kB of archives.
After this operation, 57.3kB disk space will be freed.
WARNING: The following packages cannot be authenticated!
bash
Authentication warning overridden.
(Reading database ... 132533 files and directories currently installed.)
Preparing to replace bash 4.1-2ubuntu3 (using .../bash_4.1-2ubuntu3.4_i386.deb) ...
Unpacking replacement bash ...
dpkg: error processing /var/cache/apt/archives/bash_4.1-2ubuntu3.4_i386.deb (--unpack):
trying to overwrite '/bin/sh', which is also in package dash 0:0.5.5.1-3ubuntu2
update-alternatives: using /usr/share/man/man7/bash-builtins.7.gz to provide /usr/share/man/man7/builtins.7.gz (builtins.7.gz) in auto mode.
Processing triggers for man-db ...
Errors were encountered while processing:
/var/cache/apt/archives/bash_4.1-2ubuntu3.4_i386.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)
--- End code ---
I have tried "sudo apt-get install --true-upgrade bash" and "sudo apt-get install --reinstall bash" also.
Cheers,
Matt.
EDIT: Could I chroot from a live CD or something? If yes, to what directory? Or have I misunderstood how one uses chroot?
Navigation
[0] Message Index
[#] Next page
Go to full version