[Tutorial] How to patch Shellshock vulnerability on an obsolete Linux version that you cannot upgrade

Question: How to patch Shellshock vulnerability on an obsolete Linux version that you cannot upgrade?

I encountered this when I was patching a Backtrack VM server for our client. First I did a

apt-get update
apt-get dist-upgrade

Which didn’t really upgrade the Bash version and after testing I found the host is still vulnerable to Shellshock. Understandable..after all Backtrack is already replaced by Kali. But the job still needs to be done! And after a bit of Google I got the answer from from Ask Ubuntu and it worked like magic for me!

mkdir src
cd src
wget http://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz
#download all patches
for i in $(seq -f “%03g” 1 27); do wget http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-$i; done
tar zxvf bash-4.3.tar.gz
cd bash-4.3
#apply all patches
for i in $(seq -f “%03g” 1 27);do patch -p0 < ../bash43-$i; done #build and install ./configure --prefix=/ && make && make install cd .. cd .. rm -r src

Filled Under : Tutorials & How-To's