Centos6.1~6.5 bash重要安全更新

CESA-2014:1293 Critical CentOS 6 bash Security Update
http://lists.centos.org/pipermail/centos-announce/2014-September/020585.html
SSH bash紧急安全补丁!重要!
测试是否存在漏洞,执行以下命令:
env t='() { :;}; echo You are vulnerable.’ bash -c "true"
如果显示You are vulnerable,很遗憾,必须立即打上安全补丁修复
https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
CESA-2014:1293 Critical CentOS 6 bash Security Update
http://lists.centos.org/pipermail/centos-announce/2014-September/020585.html

———————————————————————–

让我们看一下Centos6.5

[root@kinggoo.com~]# cat /etc/redhat-release 
CentOS release 6.5 (Final)

image

更新bash

[root@kinggoo.com ~]# yum  update bash

image

更新命令及ldconfig后,在去使用测试命令

[root@kinggoo.com ~]# ldconfig
[root@kinggoo.com ~]# env t='() { :;}; echo You are vulnerable.' bash -c "true"

image

- THE END -
版权声明:
转载原创文章请注明,文章出处:http://kinggoo.com
原文地址:http://kinggoo.com/centosbashupdate.htm
发表评论?

1 条评论。

发表评论