Since there’s additional vulns “detected” – there’s a easier fix. 1 – Verify that /bin/sh does not point at /bin/bash. 2 – Replace bash with another shell! – Either by symlinking over bash, or just.. whatever you decide… DONE. Now, allow all the hype to settle – and enjoy a tiny amount of quiet..
Edit/ Append the following to your /etc/apt/sources.list; #Added due to shellshock deb http://ftp.se.debian.org/debian/ squeeze-lts main contrib non-free deb-src http://ftp.se.debian.org/debian/ squeeze-lts main contrib non-free Run the following: apt-get update && apt-get install -t squeeze-lts –only-upgrade bash Bash should now look like this: # apt-cache show bash Package: bash Essential: yes Priority: required Section: shells Installed-Size: 3536 […]