Skip to main content
  1. Home
  2. Computing
  3. Apple
  4. Web
  5. Legacy Archives

How to check if you’re affected by the Shellshock Bash bug for Linux, OS X

By
Add as a preferred source on Google

The “Shellshock” bug is making cyber security experts and IT folk scramble to apply fixes and develop workarounds. The flaw, which afflicts systems running Linux and Mac OS X, affects Bash, which is short for the “Bourne again shell.”

Bash is a piece of software that controls the command prompt in Linux and Mac OS X. Here’s how Red Hat, the maker of Red Hat Linux, describes the problems posed by the Bash flaw in this official blog post.

Recommended Videos

An attacker can provide specially-crafted environment variables containing arbitrary commands that will be executed on vulnerable systems under certain conditions.”

A (flawed) patch for Linux-based systems has already been issued, and a follow-up is being developed as we speak. The flawed patch was found to be incomplete by security experts. However, Red Hat recommends that users still install it. That’s because Red Hat considers the problems associated with the first patch to not be as severe as the issues that face systems which don’t have the first patch.

In the interim, there’s a simple way to check if Linux-based sites and servers are vulnerable to the Bash/Shellshock bug. By using this Web-based tool and entering the appropriate information, you can quickly find out if you’re at risk. You can also check if your servers are vulnerable to the flaw by using this other Web-based testing tool, simply dubbed “ShellShock Tester.”

The link was originally posted by Kaspersky’s official blog. When that Bash bug-related post was first published by the anti-malware software developer, Kaspersky noted that the tool indicated 749 vulnerabilities were discovered as a result of 7,362 tests that were ran with it.

Both numbers have spiked significantly. As of this writing, the ShellShock Bash Vulnerability test tool states that 23,832 tests have been conducted using it, and 1,568 vulnerabilities were discovered as a result.

Red Hat’s official security blog states that people should upgrade to the latest version of Bash that contains the fix for the Shellshock flaw.

Meanwhile, Kaspersky states that OS X-based systems can be scanned by following the instructions contained here. At this point, Apple has yet to release an official patch that addresses the Bash bug in OS X computers.

Konrad Krawczyk
Konrad Krawczyk
Former Computing Editor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
Topics
Asus reveals ROG Strix XG129C, a tiny secondary monitor chasing Elgato’s gamer lunch
The secondary display category has been waiting for a product that combines a proper screen, real color accuracy, and gaming ecosystem integration in one tidy package.
Strix XG129C secondary display.

If you’ve ever wished your work desk had a dedicated screen for reviewing your system’s performance, chat windows, or streaming controls, so that you don’t have to disturb your main monitor, Asus has heard you. 

The ROG Strix XG129C is a 12.3-inch secondary display with a touchscreen, designed to sit beneath your primary monitor and handle everything that could be a distraction on your main screen, and it costs $199. 

Read more
Intel’s turnaround is one for the ages, without having much to show for it
Wall Street is betting big on Intel before the results arrive
Logo

Intel’s comeback has become one of the market’s biggest surprises. Its stock has risen nearly 490% over the past year, pushing the company back into record territory and reviving confidence in a chipmaker many had written off.

The problem is that Intel still has little product success to justify that excitement.

Read more
Apple’s Continuity features are so good, they make Windows and Android feel incomplete
Android and Windows try, but Apple's ecosystem is on a whole different level.
Mac iPad iPhone with blurred background

Windows and Android platforms have been trying to catch up to Apple's ecosystem. And honestly, in some areas, they have succeeded. But replicating a feature here and there is very different from pulling off what Apple has built. The seamless, almost invisible way all of Apple's devices work together is genuinely hard to replicate.

Apple calls these Continuity features. You can use these features to seamlessly transition from one device to another, unlock devices without entering passwords, transfer files, and much more. 

Read more