How to patch Bash CVE-2014-6271 vulnerability in Ubuntu/ Debian/ CentOS

Yesterday we had heard the news about BASH CVE-2014-6271 vulnerability
/ Bash ShellShock Vulnerability and it became very excited on the internet.
currently available patches for the bug, and now I will share how to "" in three different servers  Ubuntu, Debian and CentOS 6.5

Okay before please checkthe vulnerability.

env x='() { :;}; echo vulnerable' bash -c 'echo hello'

and if you get results :

vulnerable
hello

You are Vulnerable.

and  if you get this results :

bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
hello

You are Not Vulnerable.

Oke now "How to patch Bash CVE-2014-6271 vulnerability"

In Ubuntu

Check a bash version

sudo su
dpkg -s bash | grep Version

 my version is "Version: 4.2-2ubuntu2.1" and Vulnerable.

Update a bash for Patching :

sudo apt-get update && sudo apt-get install bash

Try chek it again and you Now Not Vulnerable.

In Debian

I Found a simple bash script fot patching from this blog https://dmsimard.com.

Download and save this script http://pastebin.com/raw.php?i=R3di5HyV

Make it Excutable and run it.

chmod +x script.sh
./script.sh

Try Chek again and you Now Not Vulnerable.

In CentOS 6.5

I centOS 6.5 i have tried it to patch with this.


Chek the versions :

rpm -qa bash

and you get the version( my is bash-4.1.2-15.el6_5.2). Then Update it :

yum update bash-4.1.2-15.el6_5.2

Now you are Not Vulnerable.

source :
https://access.redhat.com/node/1207723
http://askubuntu.com/questions/528101/what-is-the-cve-2014-6271-bash-vulnerability-shellshock-and-how-do-i-fix-it
https://dmsimard.com/2014/09/25/the-bash-cve-2014-6271-shellshock-vulnerability/