Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- I had to add LTS repositories to update bash which fixes the Shellshock vulnerability on Debian Squeeze. I hope someone else finds this useful:
- First, check to see if your box is vulnerable. Cut/paste this to your command line:
- env x='() { :;}; echo "WARNING: SHELLSHOCK DETECTED"' \
- bash --norc -c ':' 2>/dev/null;
- If you get a response like:
- WARNING: SHELLSHOCK DETECTED
- As I did in Squeeze, you have the vulnerability. You'll have to update your repositories to the LTS version to get the updates, by commenting out your current repository lines starting with 'deb' in your /etc/apt/sources.list file and then adding these:
- deb http://http.debian.net/debian/ squeeze main contrib non-free
- deb-src http://http.debian.net/debian/ squeeze main contrib non-free
- deb http://security.debian.org/ squeeze/updates main contrib non-free
- deb-src http://security.debian.org/ squeeze/updates main contrib non-free
- deb http://http.debian.net/debian squeeze-lts main contrib non-free
- deb-src http://http.debian.net/debian squeeze-lts main contrib non-free
- Now you should update your local cache and install the upgraded bash (their servers are slow now because everyone's updating, so just pull down the bash one for bandwidth's sake):
- apt-get update && apt-get install --only-upgrade bash
- You can do a full system upgrade later. Now run the vulnerability check script above and you shouldn't get any text output, which means you're patched :)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement