Correction of BASH error

Virtuální servery > Linux > Zabezpečení linuxových serverů

ATTENTION!! This guide cannot be used for Forpsi Cloud or Classic VPS services, but only for old (no longer provided) VPS services.

On September 24th, 2014 an error has been found in the GNU Bash program. Not patched GNU Bash 4.3 and earlier contains a command injection vulnerability that may allow remote code execution.

In most used distributions like Debian and Centos there is already available upgrade package. For install this update follow these steps:
  1. after login via SSH
    enter command

     yum update bash

    if system not contains yum, download package bash from CentOS repozitory and update by command

     rpm -Uvh packagename.rpm

    Official repozitory you can find here  CentOS 5, CentOS 6

  3. In the Power Panel software center:
    please see article Correction of SSL critical error. The procedure is identical.


For dedicated servers with Debian/Ubuntu installations upgrade an application by command

 apt-get install --only-upgrade bash

For more infromations see for example Wikipedia article  Shellshock (software bug) 
Article ID: 3400, , Modified: 11/25/2020 at 12:24 PM

Was this article helpful?

Share this article

Translations

Czech (čeština)