Security Updates -
0%
0
Red Hat Product Security has recently made a public announcement regarding a vulnerability in Bash, recorded as CVE-2014-6271. The vulnerability affects a variety of Linux distributions, including Red Hat Enterprise Linux, CentOS, CloudLinux, Debian, and Ubuntu. More details are available here: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271
24Shells takes the security of our customers very seriously and encourages you to take the recommended actions as soon as possible.
What Should You Do?
The recommended course of action is to perform a Bash upgrade. The upgrade does not cause service interruption, and no reboots are necessary. Please note that for VoipNow Cloud OnDemand and DNS Manager Cloud OnDemand instances 4PSA has already performed the update and no further action is needed.
For Red Hat, CentOS, CloudLinux customers
Open server shell with putty or ssh and run as root:
yum -y update bash
For Debian, Ubuntu customers
Open server shell with putty or ssh and run as root:
apt-get update
apt-get install --only-upgrade bash
How do you find out if you are vulnerable?
To test if you are vulnerable you can run in server console:
$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
If in the output you see the word "vulnerable" you are advised to update immediately!