Updating from bash
Updating from bash - fob and abc dating
Ubuntu users: There’s actually no reason this approach won’t work with Linux-based OS, including Ubuntu.
For example, this article was first published on Sep 26, 2014, and patches were released within 2 days (which are now included in the instructions below).
I wonder if there might have been a hidden typo in the key shell line ?
This entry was posted in Linux Reference Technology and tagged bash bug Fedora 14 Fedora 15 Fedora 16 Fedora 17 Fedora 18 Fedora 19 GNU patch patch bash manually patch old Fedora shellshock shellshock bug on With the announcement of the Shellshock Bash Bug, Linux admins around the world have been scrambling to patch their Bash shells so that they’re no longer vulnerable to the exploit.
Check your vulnerability by running the following tests from your shell: Running the following command in a shell.
If the above command outputs the current date (it may also show errors), you are still vulnerable.
I've googled around but not sure if I'm googling the correct terms. If I run the same script with the bash command it acctualy starts the script without any error. Remember to chmod 755 the file, and you can just run it with the file name, no need to prepend it with "bash".
I do note that when I tried to reproduce your problem I couldn't (even though your first line is incorrect the script still worked for me).In this example, because “redhat” appears in the description, the third number is the build number in the Red Hat repositories.However, if your output looked like this: the fact that it says only “pc” in that part of the description means Bash was manually compiled on your system (probably by you) and so in that case, the third number refers to the patch level of Bash version 4.0.If it just spits out the word “date,” then you’re fine against this exploit.It’s possible after running this test that you’ll have new file named “echo” in your /tmp directory. IMPORTANT: Some of the tests floating around out there for this exploit (including the one I used to reference) include the command “rm -f echo” and could potentially delete the /bin/echo file on your system…Still another patch was released on October 1, 2014.