02 8005 7353
Velocity Host Logo
(vh) New Logo
  • Home
  • Security
  • Shellshock – BASH Exploit Security Update & Action

Shellshock – BASH Exploit Security Update & Action

Security Update 6th October 2014

Shellshock – BASH Exploit detailed information.

Inside Shellshock

Wednesday 24th September and news of a new Linux vulnerability called SHELLSHOCK hits the internet, we wont be going into the finer details of the Exploit you can read an excellent writeup on the CloudFlare blog – ShallShock Inside Shellshock: How hackers are using it to exploit systems as Graham go’s into the finer details and how CloudFlare have pushed out a global fix to subscribers on their network.

All CloudFlare subscribers on all plans including FREE have been protected from the exploit.

Shellshock – CloudLinux VM’s & (vh) Shared Hosting Servers.

CloudLinux & KernelCare

All subscribers of CloudLinux & KernelCare have automatic updates to their Kernels & operating systems to the latest security patches so nothing needs to be done for these clients.

All (vh)WEB – Shared Reseller Web Hosting Servers run CloudLinux & KernalCare and these have also been automatically patched with the latest security updates.

Shellshock – Advisory; VDS cPanel Servers

VDS - Virtual Dedicated Server

Clients subscribing to cPanel hosting control panel on a (vh) VDS – Virtual Dedicated Servers subscription are advised to update their version of cPanel which in turn will also update the OS – Operating System #bash version to the latest secure release.

Even tho cPanel is designed to automatically update on a regular basis we strongly advise that a manual update is run to make sure the latest security patches are applied.

How to Update cPanel/ WHM

Login to WHM interface
Go to Home > Software and click on Update System Software >
Click Proceed to update all software > pending update.

Shellshock – Advisory; VDS & VDC Clients

VDC - Virtual Data Center

All clients running Linux based servers are strongly advised to upgrade their operating systems to the latest secure version of OS, most if not all Linux distributions have already been patched and a simple update can protect from this exploit.

How to apply OS updates?

Log into your servers via SSH or Console access and run the following commands at the prompt.

CentOs

# yum update

Debian

# apt-get update

Suse

# zypper patch

If your running a specific flavour of Linux not mentioned above please check your documentation on the best way to update or patch your OS.

Have Questions?

Feel free to drop us a comment or ask questions in the post.

Tags: , , ,

Trackback from your site.

gerardo

With over 25 years’ experience in the IT industry, Gerardo Altman is a key solutions architect and MD of Velocity Host, an Australian-based IaaS - Infrastructure As A Service provider specialising in enterprise cloud solutions.