How to check/patch the Shellshock vulnerability

To check if your VPS is vulnerable to the Shellshock vulnerability, log in via SSH and execute the following:

env var='() { ignore this;}; echo vulnerable' bash -c /bin/true

If it comes back 'vulnerable' then you need to patch

if it comes back:

    bash: warning: var: ignoring function definition attempt  
    bash: error importing function definition for 'var' 

Then you are clear. In most cases you will need to patch this as even very recent versions of bash are vulnerable

Only the BASH package needs to be updated

On CentOS you will do:

yum update bash

on Debian / Ubuntu:

apt-get install --only-upgrade bash

After patching, re-run the test:

env var='() { ignore this;}; echo vulnerable' bash -c /bin/true

And make sure its coming back as clean

If you have any questions, please contact support via the ticket system

  • 96 Users Found This Useful
Was this answer helpful?

Related Articles

How do I restart Plesk on my VPS?

To restart plesk: Log in to your VPS using SSH (if you don't have an SSH client, we recommend...

How do I point my domain at my Unlimited VPS?

There are two methods that can be used to point domains into your Unlimited VPS. 1. Configure DNS...

How to Stop / Start / Reboot your VPS

In order to stop, start or restart your VPS, first you need to log in to the 'My Account' section...