How to tell if your Unix machine is vulnerable to the bash security flaw

Posted on September 26, 2014 by


A simple command you can execute to check your machine.

About the security flaw

From RedHat’s report on the topic:

Bash or the Bourne again shell, is a UNIX like shell, which is perhaps one of the most installed utilities on any Linux system. From its creation in 1980, Bash has evolved from a simple terminal based command interpreter to many other fancy uses.

the vulnerability arises from the fact that you can create environment variables with specially-crafted values before calling the Bash shell. These variables can contain code, which gets executed as soon as the shell is invoked. The name of these crafted variables does not matter, only their contents. As a result, this vulnerability is exposed in many contexts

Here’s another article from Ars Technica.

How to tell if you’re vulnerable?

(Adapted from RedHat)

To check if your system is vulnerable, cut and paste the following onto the command line:

env x='() { :;}; echo you are vulnerable' bash -c "echo "

If the system reports “you are vulnerable” — you guessed it, you are vulnerable. Here’s what it looks like on my MacBook Pro:

screenshot

If instead, nothing prints out, or you get a warning message, your system is most likely protected against this exploit. Here’s the example output from a secured machine:

screenshot
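
The one-line check above only tests whichever bash comes first on your PATH, and a machine can have more than one bash installed. The script below is an added example, not part of the original post or of Red Hat's advisory: it runs the same test against every bash binary it can find. The function names and the list of candidate paths are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: apply the page's environment-variable test to every bash
# binary on the machine, not only the first one on PATH.

MARKER='you are vulnerable'   # same marker string as the one-liner above

# classify OUTPUT -> "vulnerable" if the marker was printed, else "patched".
classify() {
    case $1 in
        *"$MARKER"*) echo vulnerable ;;
        *)           echo patched ;;
    esac
}

# check_bash BINARY -> "vulnerable", "patched" or "missing".
check_bash() {
    bin=$1
    [ -x "$bin" ] || { echo missing; return 0; }
    # Same test as the one-liner. Warnings from a patched shell go to stderr
    # and are discarded; only a marker on stdout counts as a hit.
    out=$(env x="() { :;}; echo $MARKER" "$bin" -c 'echo' 2>/dev/null) || true
    classify "$out"
}

# list_bash_candidates -> one path per line (assumed locations): bash on
# PATH, common install paths, and any bash named in /etc/shells.
list_bash_candidates() {
    {
        command -v bash
        printf '%s\n' /bin/bash /usr/bin/bash /usr/local/bin/bash
        [ -r /etc/shells ] && grep '/bash$' /etc/shells
    } 2>/dev/null | sort -u
}

# scan_all prints "path<TAB>result" per installed bash and returns 1 if any
# of them is vulnerable, so it can be used from cron or a config-management job.
scan_all() {
    status=0
    for b in $(list_bash_candidates); do
        r=$(check_bash "$b")
        [ "$r" = missing ] && continue
        printf '%s\t%s\n' "$b" "$r"
        [ "$r" = vulnerable ] && status=1
    done
    return $status
}

scan_all
```

A binary reported as "patched" here passed only this one test, which is the same limit the one-liner has.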

What to do?

If the machine in question is a server, get the security patch right away. If the machine is your personal laptop, for instance, the risk is lower. Most Unix-based distributions have issued patches and published upgrade instructions. As of this writing Apple has not yet issued a patch for MacOS.
