Shellshock, the newly discovered vulnerability that allows attackers to inject code into your machine, puts your Mac or Linux at a serious risk for malicious attacks. Here’s how to test if your machine is vulnerable.
Shellshock uses a bash script to access your computer. From there, they can launch programs, enable features, and access files. The script only affects UNIX-based systems, so Linux and Mac are the only ones vulnerable.
You can test your system by running this test command from Terminal:
env x='() { :;}; echo vulnerable' bash -c 'echo hello'
If you’re not vulnerable, you’ll get this result:
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
hello
If you are vulnerable, you’ll get:
vulnerable hello
You can also check the version of bash you’re running by entering:
bash --version
If you get version 3.2.51(1)-release as a result, you’ll need to update. Many Linux distributions already have patches available, so you can follow these instructions to update your system. Mac users are still waiting for a patch, but you can update bash manually using this guide.
via Gizmodo
How To Check If Your Mac or Linux Machine Is Vulnerable to Shellshock