Important – Update your servers- Latest Bash shell threat

If you are using a linux / mac /freebsd /unix server  then  your server might be vulnerable to  bash bug which is newly discovered by  security professionals.

Bash is  a command processing tool which can communicate  with the operating system and process the commands given by the user typically from a text window of bash client console.

Most of the VoIP switches are linux  based  and using apache  web server as a  front end , so  make sure your server is not vulnerable to this bug .

I am not going deeply  into the technical details of this bug  but will  briefly write  how to fix it  .

First check if your server is  vulnerable to this bug with this simple command

env VAR='() { :;}; echo Bash is vulnerable!’ bash -c “echo Bash Test”

If the result displays like below

Bash is vulnerable!
Bash Test

Then it is the time to  update your bash shell .

if you are uisng Redhat / centOS  then update it with

yum update bash 

If you are using  Debain/Ubuntu then run

sudo apt-get update && sudo apt-get install –only-upgrade bash

Another solution  is switching  to some other shell like tcsh or ksh  if you are comfortable with those shells.