Vulnerability in Bash Shell widespread and serious
Upgrade now, if you can. A bug discovered in the widely used Bash command interpreter poses a critical security risk to Unix and Linux systems - and, thanks to their ubiquity, the internet at large.
From the Register:
From the Register:
It lands countless websites, servers, PCs, OS X Macs, various home routers, and more, in danger of hijacking by hackers.Now is also a good time to wipe your servers and reinstall Minix or Plan9 as a precaution. ;)
The vulnerability is present in Bash up to and including version 4.3, and was discovered by Stephane Chazelas. It puts Apache web servers, in particular, at risk of compromise: CGI scripts that use or invoke Bash in any way - including any child processes spawned by the scripts - are vulnerable to remote-code injection. OpenSSH and some DHCP clients are also affected on machines that use Bash.
* http://mirbsd.de/mksh
I prefer mksh primarily because bash goes horribly brain-dead when you attempt line-editing on command lines that wrap-around to the next line. Your bash session becomes practically unusable after you hit that limit (which I do, often) and it first wigs-out:
* http://i.imgur.com/Vo2BQq2.png
It doesn't hurt that the mksh binary is 3.4X smaller, starts-up faster, is more responsive, can be statically linked, and doesn't hold open 28 files, all of which matters a lot in a minimal system recovery type situation.