I’ve put together a simple script to check your Linux systems for vulnerability to the BASH “Shellshock” exploit.
Specifically CVE-2014-6271, CVE-2014-7169, and CVE-2014-7186.
SSH into your server and run the following commands;
wget http://tank.uqdc.com/scripts/shellshock-test.sh chmod +x shellshock-test.sh ./shellshock-test.sh
To patch your system, if you are running Debian “Squeeze” you will need to add the following to your /etc/apt/sources.list;
deb http://http.debian.net/debian/ squeeze-lts main contrib non-free deb-src http://http.debian.net/debian/ squeeze-lts main contrib non-free
Then run the following;
apt-get update apt-get install debian-archive-keyring
If you are running Debian “Wheezy” or above, simply do;
apt-get update apt-get install --only-upgrade bash
Then run “shellshock-test.sh” again to check that all is patched.