Important – Update your servers- Latest Bash shell threat
If you are using a linux / mac /freebsd /unix server then your server might be vulnerable to bash bug which is newly discovered by security professionals.
Bash is a command processing tool which can communicate with the operating system and process the commands given by the user typically from a text window of bash client console.
Most of the VoIP switches are linux based and using apache web server as a front end , so make sure your server is not vulnerable to this bug .
I am not going deeply into the technical details of this bug but will briefly write how to fix it .
First check if your server is vulnerable to this bug with this simple command
env VAR='() { :;}; echo Bash is vulnerable!’ bash -c “echo Bash Test”
If the result displays like below
Bash is vulnerable!
Bash Test
Then it is the time to update your bash shell .
if you are uisng Redhat / centOS then update it with
yum update bash
If you are using Debain/Ubuntu then run
sudo apt-get update && sudo apt-get install –only-upgrade bash
Another solution is switching to some other shell like tcsh or ksh if you are comfortable with those shells.
Recent Comments