IPFire, the Linux-based firewall distribution, has been updated to fix the GNU Bash vulnerability, a very serious security bug that allows an attacker to remotely execute code on devices that use the bash shell.
The recently discovered bug in the bash shell, known as the Shellshock security bug, is very dangerous because it tricks bash into running a program that it wasn't supposed to. Attackers can use the bug to exploit networked devices that rely on the bash shell to perform their tasks, and to expose confidential data.
Is my *nix system vulnerable?
To find out if your system is vulnerable to the Shellshock security bug you need to open a terminal and run the following command.
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
If you see the following output printed on your terminal, your system is vulnerable to the Shellshock security bug and I highly recommend fixing it immediately.
vulnerable
this is a test
If your system is not vulnerable to the Shellshock bug, you should see the following output.
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test
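The check above, wrapped so it can be run unattended against a specific bash binary and give a one-word verdict, as an added example that is not part of the original article. The function names classify_probe_output and probe_bash are hypothetical, and the script tests only the behaviour that the command above probes.

```shell
#!/bin/sh
# Added example (not from the article): run the article's Shellshock probe
# and turn its output into a one-word verdict for scripts or inventories.

# classify_probe_output TEXT
# Prints "vulnerable", "patched" or "unknown" for captured probe output.
classify_probe_output() {
    # A vulnerable bash runs the trailing command while importing x, which
    # prints the word "vulnerable" on a line of its own.
    if printf '%s\n' "$1" | grep -qx 'vulnerable'; then
        echo vulnerable
    # A fixed bash prints only the test string, with or without the
    # "ignoring function definition attempt" warning lines before it.
    elif printf '%s\n' "$1" | grep -qx 'this is a test'; then
        echo patched
    else
        # Binary missing or not runnable: do not report it as safe.
        echo unknown
    fi
}

# probe_bash [PATH_TO_BASH]
# Runs the same probe as the article against one bash binary (default:
# the bash found on PATH) and prints the verdict.
probe_bash() {
    bash_bin=${1:-bash}
    # stderr is merged in so warning lines and exec errors are captured too.
    out=$(env x='() { :;}; echo vulnerable' "$bash_bin" -c 'echo this is a test' 2>&1) || true
    classify_probe_output "$out"
}

# Report on the default bash when the script is run directly.
echo "bash on PATH: $(probe_bash)"
```

Pass an explicit path, for example probe_bash /usr/local/bin/bash, to check a second copy of bash that the package manager does not own.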
According to the IPFire developers, IPFire 2.15 – Core Update 83 provides a fix for several security issues in the GNU bash package, also known as “ShellShock”, and updating as soon as possible is recommended. They regard this as a serious security issue, so update IPFire to the latest version and do not forget to reboot your machine afterwards.
“We regard this as a serious security issue and recommend to update as soon as possible. Please do not forget to reboot your machine afterwards and check for updates for your other *nix distribution as well because they are probably vulnerable, too.”, reads the official announcement.
How does the ShellShock security bug affect IPFire? It is not very hard to understand. This security bug makes it possible for an attacker to exploit a machine by injecting and executing commands through the shell environment, so services that execute shell scripts, like the DHCP client, can be easily compromised. Also, if you are familiar with IPFire or have been using it for a long time, you may know that it uses CGI scripts for its web user interface. So authenticated users were able to execute shell commands with non-root privileges.
This core update contains fixes for various minor bugs, updates the web proxy (squid) to version 3.7.4 because of various security fixes, and adds several security and stability fixes to glibc.
How To Fix ShellShock Bug On *nix Systems?
To fix the ShellShock bug in Linux systems, update your bash ASAP.
For Debian/Ubuntu:
sudo apt-get update
sudo apt-get install --only-upgrade bash -y
For RHEL/CentOS related systems:
sudo yum update bash -y
Reboot your system.
What is IPFire?
IPFire is an open source, Linux-based firewall distribution designed with security and a high level of flexibility in mind. With security as its primary objective, this firewall can be easily deployed in many roles, such as a firewall, a proxy server or a VPN gateway.
“The primary objective of IPFire is security. As there is of course no one, single way to achieve network security, it is important for a network administrator to understand their environment and what the term security means in the context of their own network.”, reads ipfire.org
For more details about IPFire installation and configuration, check out our previous article in the below link.
Cheers!