{"id":444,"date":"2024-03-18T12:24:11","date_gmt":"2024-03-18T12:24:11","guid":{"rendered":"https:\/\/www.simplyhosting.com\/support\/?post_type=ht_kb&p=444"},"modified":"2024-03-18T12:24:12","modified_gmt":"2024-03-18T12:24:12","slug":"patch-the-shellshock-vulnerability","status":"publish","type":"ht_kb","link":"https:\/\/www.simplyhosting.com\/support\/articles\/patch-the-shellshock-vulnerability\/","title":{"rendered":"Patch the ‘Shellshock’ Vulnerability"},"content":{"rendered":"\n

September 2014<\/strong><\/p>\n\n\n\n

Your server might be vulnerable to a bug called Shellshock, which is a mistake in the code of a program called Bash, typically installed on Linux servers. The bug allows someone to send commands to computers which they should not have access to. This document contains instructions on how to manually check the vulnerability of your Linux server.<\/p>\n\n\n\n

If you have any questions or need help checking your server, please e-mail us at support@simplyhosting.cloud<\/a> or call us at 0345 259 1234 Monday through Friday between 8am – 6pm GMT.<\/p>\n\n\n\n

Shellshock Vulnerability Manual Check<\/p>\n\n\n\n

Follow the instructions below to determine if your server is vulnerable to Shellshock (you will need to repeat these steps for each of the Linux servers you might have):<\/p>\n\n\n\n

Windows Server 2008 R2:<\/h3>\n\n\n\n
    \n
  1. Log into your server as root via SSH<\/li>\n<\/ol>\n\n\n\n

    2. Run the following command:<\/p>\n\n\n\n

    env x='() { :;}; echo vulnerable' bash -c \"echo Shellshock\"<\/mark><\/code><\/p>\n\n\n\n

    A system affected by the bug should return the following:<\/p>\n\n\n\n

    vulnerable<\/code>
    Shellshock<\/code><\/mark><\/p>\n\n\n\n

    On the other hand, a secure system should return the following:<\/p>\n\n\n\n

    bash:warning: x: ignoring function definition attempt<\/code>
    bash: error importing function definition for \u2018x\u2019<\/code>
    Shellshock<\/code><\/mark><\/p>\n\n\n\n

    <\/p>\n\n\n\n

    <\/p>\n\n\n\n

    If your system is vulnerable, you can secure it by following the instructions below based on the Linux distribution on your server:<\/p>\n\n\n\n

    Ubuntu and Debian servers:<\/h3>\n\n\n\n
      \n
    1. Log into your server as root via SSH<\/li>\n\n\n\n
    2. Run the command: apt-get update<\/li>\n\n\n\n
    3. Now run the command: apt-get install bash<\/li>\n\n\n\n
    4. Once this command has completed, rerun the above vulnerability test and you should see that your system is now secure<\/li>\n<\/ol>\n\n\n\n

      RedHat and CentOS servers:<\/h3>\n\n\n\n
        \n
      1. Log into your server as root via SSH<\/li>\n\n\n\n
      2. Run the command: yum update bash<\/li>\n\n\n\n
      3. Once this command has completed, rerun the above vulnerability test and you should see that your system now passes the vulnerability<\/li>\n<\/ol>\n\n\n\n

        <\/p>\n\n\n\n

        <\/p>\n\n\n\n

        <\/p>\n","protected":false},"excerpt":{"rendered":"

        September 2014 Your server might be vulnerable to a bug called Shellshock, which is a mistake in the code of a program called Bash, typically installed on Linux servers. The bug allows someone to send commands to computers which they should not have access to. This document contains instructions on how to manually check the […]<\/p>\n","protected":false},"author":14,"comment_status":"closed","ping_status":"closed","template":"","format":"standard","meta":{"footnotes":""},"ht-kb-category":[60],"ht-kb-tag":[64],"class_list":["post-444","ht_kb","type-ht_kb","status-publish","format-standard","hentry","ht_kb_category-simply-cloud","ht_kb_tag-shellshock-vulnerability"],"yoast_head":"\nPatch the 'Shellshock' Vulnerability - Support Centre - Simply Hosting & Servers<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.simplyhosting.com\/support\/articles\/patch-the-shellshock-vulnerability\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Patch the 'Shellshock' Vulnerability - Support Centre - Simply Hosting & Servers\" \/>\n<meta property=\"og:description\" content=\"September 2014 Your server might be vulnerable to a bug called Shellshock, which is a mistake in the code of a program called Bash, typically installed on Linux servers. The bug allows someone to send commands to computers which they should not have access to. This document contains instructions on how to manually check the […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.simplyhosting.com\/support\/articles\/patch-the-shellshock-vulnerability\/\" \/>\n<meta property=\"og:site_name\" content=\"Support Centre - Simply Hosting & Servers\" \/>\n<meta property=\"article:modified_time\" content=\"2024-03-18T12:24:12+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.simplyhosting.com\/support\/articles\/patch-the-shellshock-vulnerability\/\",\"url\":\"https:\/\/www.simplyhosting.com\/support\/articles\/patch-the-shellshock-vulnerability\/\",\"name\":\"Patch the 'Shellshock' Vulnerability - Support Centre - Simply Hosting & Servers\",\"isPartOf\":{\"@id\":\"https:\/\/www.simplyhosting.com\/support\/#website\"},\"datePublished\":\"2024-03-18T12:24:11+00:00\",\"dateModified\":\"2024-03-18T12:24:12+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.simplyhosting.com\/support\/articles\/patch-the-shellshock-vulnerability\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.simplyhosting.com\/support\/articles\/patch-the-shellshock-vulnerability\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.simplyhosting.com\/support\/articles\/patch-the-shellshock-vulnerability\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.simplyhosting.com\/support\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Patch the ‘Shellshock’ Vulnerability\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.simplyhosting.com\/support\/#website\",\"url\":\"https:\/\/www.simplyhosting.com\/support\/\",\"name\":\"Support Centre - Simply Hosting & Servers\",\"description\":\"Simply Hosting & Servers Support Centre\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.simplyhosting.com\/support\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Patch the 'Shellshock' Vulnerability - Support Centre - Simply Hosting & Servers","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.simplyhosting.com\/support\/articles\/patch-the-shellshock-vulnerability\/","og_locale":"en_GB","og_type":"article","og_title":"Patch the 'Shellshock' Vulnerability - Support Centre - Simply Hosting & Servers","og_description":"September 2014 Your server might be vulnerable to a bug called Shellshock, which is a mistake in the code of a program called Bash, typically installed on Linux servers. The bug allows someone to send commands to computers which they should not have access to. This document contains instructions on how to manually check the […]","og_url":"https:\/\/www.simplyhosting.com\/support\/articles\/patch-the-shellshock-vulnerability\/","og_site_name":"Support Centre - Simply Hosting & Servers","article_modified_time":"2024-03-18T12:24:12+00:00","twitter_card":"summary_large_image","twitter_misc":{"Estimated reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.simplyhosting.com\/support\/articles\/patch-the-shellshock-vulnerability\/","url":"https:\/\/www.simplyhosting.com\/support\/articles\/patch-the-shellshock-vulnerability\/","name":"Patch the 'Shellshock' Vulnerability - Support Centre - Simply Hosting & Servers","isPartOf":{"@id":"https:\/\/www.simplyhosting.com\/support\/#website"},"datePublished":"2024-03-18T12:24:11+00:00","dateModified":"2024-03-18T12:24:12+00:00","breadcrumb":{"@id":"https:\/\/www.simplyhosting.com\/support\/articles\/patch-the-shellshock-vulnerability\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.simplyhosting.com\/support\/articles\/patch-the-shellshock-vulnerability\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.simplyhosting.com\/support\/articles\/patch-the-shellshock-vulnerability\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.simplyhosting.com\/support\/"},{"@type":"ListItem","position":2,"name":"Patch the ‘Shellshock’ Vulnerability"}]},{"@type":"WebSite","@id":"https:\/\/www.simplyhosting.com\/support\/#website","url":"https:\/\/www.simplyhosting.com\/support\/","name":"Support Centre - Simply Hosting & Servers","description":"Simply Hosting & Servers Support Centre","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.simplyhosting.com\/support\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"}]}},"_links":{"self":[{"href":"https:\/\/www.simplyhosting.com\/support\/wp-json\/wp\/v2\/ht-kb\/444","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.simplyhosting.com\/support\/wp-json\/wp\/v2\/ht-kb"}],"about":[{"href":"https:\/\/www.simplyhosting.com\/support\/wp-json\/wp\/v2\/types\/ht_kb"}],"author":[{"embeddable":true,"href":"https:\/\/www.simplyhosting.com\/support\/wp-json\/wp\/v2\/users\/14"}],"replies":[{"embeddable":true,"href":"https:\/\/www.simplyhosting.com\/support\/wp-json\/wp\/v2\/comments?post=444"}],"version-history":[{"count":2,"href":"https:\/\/www.simplyhosting.com\/support\/wp-json\/wp\/v2\/ht-kb\/444\/revisions"}],"predecessor-version":[{"id":462,"href":"https:\/\/www.simplyhosting.com\/support\/wp-json\/wp\/v2\/ht-kb\/444\/revisions\/462"}],"wp:attachment":[{"href":"https:\/\/www.simplyhosting.com\/support\/wp-json\/wp\/v2\/media?parent=444"}],"wp:term":[{"taxonomy":"ht_kb_category","embeddable":true,"href":"https:\/\/www.simplyhosting.com\/support\/wp-json\/wp\/v2\/ht-kb-category?post=444"},{"taxonomy":"ht_kb_tag","embeddable":true,"href":"https:\/\/www.simplyhosting.com\/support\/wp-json\/wp\/v2\/ht-kb-tag?post=444"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}