[Fix] Linux Bash Code Injection Vulnerability – ShellShock
ShellShock is a new Linux vulnerability affecting all versions of the Bash package. This vulnerability is worse than HeartBleed! This command-line vulnerability is present in Mac OS X too. Basically, it is present on every system that has Bash, the software used to control the command line in Unix.
To test if you are vulnerable to ShellShock, run this command:
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
If you see output:
vulnerable
this is a test
that means you are vulnerable!
Fix for Red Hat packages:
yum update bash
Fix for Ubuntu/Debian packages:
apt-get update && apt-get install --only-upgrade bash
After running the above commands, check again to see if you are vulnerable:
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
If you see the output below, you are no longer vulnerable:
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test
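The package update only replaces the packaged Bash, so any other copy on the system (for example one built into /usr/local/bin) needs the same check. The script below is an added example, not part of the original post: it wraps the test command above in a function that reports a result per binary. The marker string, the function names and the list of candidate paths are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: scripted form of the ShellShock probe shown above.
# MARKER and the candidate paths are assumptions for illustration.
MARKER='SHELLSHOCK_PROBE_HIT'

# check_bash PATH -> prints "vulnerable", "patched" or "unknown".
# Return status: 0 patched, 1 vulnerable, 2 could not be tested.
check_bash() {
    bin=$1
    [ -x "$bin" ] || { echo unknown; return 2; }
    # Same probe as the manual test: a function definition in the
    # environment followed by a trailing command. A patched bash never
    # runs the trailer; its warnings go to stderr, which is discarded.
    out=$(env x="() { :;}; echo $MARKER" "$bin" -c 'echo probe_done' 2>/dev/null)
    case $out in
        *"$MARKER"*)  echo vulnerable; return 1 ;;
        *probe_done*) echo patched;    return 0 ;;
        *)            echo unknown;    return 2 ;;
    esac
}

# Check every bash copy at the candidate paths, not only the one on PATH.
# The same file may be listed twice when /bin is a symlink to /usr/bin.
scan_bash_binaries() {
    rc=0
    for bin in "$(command -v bash 2>/dev/null)" \
               /bin/bash /usr/bin/bash /usr/local/bin/bash; do
        [ -n "$bin" ] && [ -e "$bin" ] || continue
        state=$(check_bash "$bin") || rc=1
        printf '%s: %s\n' "$bin" "$state"
    done
    return $rc
}

scan_bash_binaries || echo "at least one bash binary needs attention" >&2
```

Any line reporting "vulnerable" or "unknown" points at a Bash copy that the package manager did not update or that could not be tested.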