Major Bash Vulnerability Fixed on All Servers
A major security flaw was discovered in the most popular shell (Bash) which is used by default in many Linux and Unix distributions. A shell is a program that takes your commands (accessing folders, listing files, etc.) that you type and sends them to the operating system to be executed. The Bash vulnerability, also known as Shellshock, allows attackers to issue arbitrary commands via crafted environment variables.
The bad thing about this specific vulnerability is that it is fairly easy to craft such a request and attack a server. In addition, the vulnerability affects all types of devices and not only web servers – routers, some mobile devices, Linux computers and even Mac OS X devices are also affected. There is a simple test that will show you if you’re vulnerable. Just run the following command within your shell:
env X="() { :;} ; echo BUSTED" /bin/sh -c "echo test"
If you see the word “BUSTED” echoed back then your Bash version is vulnerable and you have to update.
Now that you’re scared it’s time for the good news. All SiteGround servers were patched in less than 24 hours the vulnerability was announced. In addition, our unique server setup including the special chroot isolation has made it highly unlikely for any attacker to have been able to utilize this vulnerability and gain access to sensitive information even before the patch.
If you have an account on our servers you don’t need to do anything because we’ve got you covered. However, please remember that this vulnerability also affects other devices and not only web servers. If you’re using Linux as your operating system you need to update Bash to the latest available stable version just to make sure that you’re not at risk.
Comments ( 6 )
Thanks! Your comment will be held for moderation and will be shortly published, if it is related to this blog article. Comments for support inquiries or issues will not be published, if you have such please report it through
Nick
Thank you, SiteGround! Glad you're on top of things.
Johan
Thanks siteground. Happy to hear you're very reactive
Andreas
Excellent! This is why SiteGround rocks.
Adam
I red about this bash, came here to check for any info and it's all fixed already. Wow! That's why SiteGround is THE BEST and that's why (among many other great things siteground offers) I switched from 1and1 where I hosted my websites for the past 12 years. Thanks Guys and Girls ! :) Adam
Anna
Great job as always.
Ruel
thanks siteground.. great job
Start discussion
Thanks! Your comment will be held for moderation and will be shortly published, if it is related to this blog article. Comments for support inquiries or issues will not be published, if you have such please report it through