Shellshock and how to Patch it
Shellshock, also known as Bashdoor or the Bash bug, is a security bug, disclosed 24 September 2014 in the widely-used Unix Bash shell. The bug causes Bash to execute commands from environment variables unintentionally. While Bash is not an Internet-facing service, many Internet-facing daemons call it internally, allowing an attacker to use an Internet-facing service that sets the contents of an environmental variable to have Bash execute the commands in the variable. DHCP clients are also potentially vulnerable, and more affected services are expected to be found.
The bug was discovered 12 September 2014 by Stéphane Chazelas, who suggested the name “bashdoor”. The bug was assigned the CVE identifier CVE-2014-6271, kept under embargo until 24 September 2014 14:00 UTC, in order to ensure that security updates were available for most systems as soon as the details were made public. Within days, a series of further related vulnerabilities in Bash were found – CVE-2014-7169, CVE-2014-7186 and CVE-2014-7187 – leading to the need for further patches.
How to Patch it : sudo apt-get update && sudo apt-get upgrade