Skip to main content
BlogCloud Overviews‘Shellshock’ Bash vulnerability

‘Shellshock’ Bash vulnerability

Over the last week, several vulnerabilities in GNU Bash have been discovered and are being referred to as “Shellshock”. Using these vulnerabilities an attacker can remotely execute commands, thereby compromising the machine. To make matters worse, many common configurations provide vectors for this attack, making it a serious problem.

Many Linux distributions have already provided patched software, so the best thing you can do is bring your systems up to date. We have published a guide to help determine if your server is vulnerable and how to update Bash:

Upgrading Bash for the Shellshock Vulnerability

Please do not hesitate to open a support ticket if you have any additional questions or concerns.


Comments (5)

  1. Author Photo

    Presumably the DHCP servers at Linode that most Linodes use by default, were patched?

    Thanks

  2. Author Photo

    nm, I realise the exploit works only if a malicious DHCP server attacks a vulnerable *client*

    🙂

  3. Author Photo

    Thank you for the detailed guide on how we can protect our Linodes. As our service provider, please release a statement addressing your response to the vulnerability for the Linode infrastructure and your progress in patching.

    • Tom Asaro

      We’ve upgraded Linode infrastructure several times since this has been disclosed, and as soon as updates have been released.

  4. Author Photo

    If you Could you update that guide to check CVE-2014-6278 vulnerability, that would be great. One page contains information to check these chaining bugs that effecting bash

Leave a Reply

Your email address will not be published. Required fields are marked *