Resolving Bash vulnerability in cPanel/WHM servers : How to fix CVE-2014-6217 Bash “Shell Shock” vulnerability
[UPDATE 1st Oct] – More vulnerabilities were reported since this post was originally written on Sep 26th. See the notes at the bottom.
Highly critical Bash code injection vulnerability CVE-2014-6217 was declared on 24th Sep, and a patch is now available for cPanel/WHM servers.
If you have a cPanel/WHM server, it has Bash, and if you haven’t expressly patched it, assume that your server is vulnerable. cPanel/WHM servers are typically enabled with CGI modules, and they could allow commands to be passed on to Bash, thus opening the gates to hackers.
Hire Bobcares cPanel Server Administrators
Get super reliable servers and delighted customers
The engineers in our Proactive Management Services were informed of this threat on 24th, and patched all our cPanel/WHM servers with the following steps:
In CentOS / RedHat / CloudLinux servers,
Login as root to server terminal and execute the command:
# yum -y update bash
OR, if you are not comfortable with terminal,
Login to WHM interface Go to Home >> Software and click on Update System Software. Click Proceed to update all software pending update.
Note : If you are not sure if a full update should be run, consult a server administrator.
This should protect you from the critical CVE-2014-6217 vulnerability, however, your server will need to be patched again to be fully protected once a solution is available for the related CVE-2014-7169 vulnerability. We will update this post when a patch for CVE-2014-7169 is available. When it is released, just execute the above steps again.
[ UPDATE ] – Patch for CVE-2014-7169 is now available. So, in case you have already ran the commands above, re-run them again to get the final patch.
Critical vulnerabilities are a fact of web hosting. Bobcares Proactive Server Management prevents zero-day exploits by configuring servers for managed auto-upgrades.
Not sure if your servers are patched? We can check your servers for FREE, and patch your servers.
IMPORTANT UPDATE : New vulnerabilities were reported after Sep 26th (after this post was written). As of Oct 1st, 6 vulnerabilities are reported. Rumors say, more vulnerabilities might be on its way. You need to keep monitoring the threat-scape and update your servers as soon as patches are available.
We can keep an eye on your servers and secure it so that your servers wont be exploited by any of the Bash vulnerabilities. Check out our Bash Special Pro-active Maintenance Service below.