Shellshock is a new vulnerability that allows attackers to put code onto your machine, which could put your Ubuntu Linux system at a serious risk for malicious attacks.
Shellshock uses a bash script to access your computer. From there, hackers can launch programs, enable features, and even access your files. The script only affects UNIX-based systems (linux and mac).
You can test your system by running this test command from Terminal:
env x='() { :;}; echo vulnerable’ bash -c ‘echo hello’
If you’re not vulnerable, you’ll get this result:
bash: warning: x: ignoring function definition attempt bash: error importing function definition for `x’ hello
If you are vulnerable, you’ll get:
vulnerable hello
You can also check the version of bash you’re running by entering:
bash –version
If you get version 3.2.51(1)-release as a result, you will need to update. Most Linux distributions already have patches available.
———–
If your system is vulnerable make sure your computer has all critical updates and it should be patched already. if you are using a version of Ubuntu that has already reached end of life status (12.10, 13.04, 13.10, etc), you may be screwed and may need to start using a newer version of Ubuntu.
This should update Bash for you so your system is not vulnerable…
sudo apt-get update && sudo apt-get install –only-upgrade bash