ShellShock, servers, and solutions

The problem

A bug within the widely used shell program Bourne Again Shell (BASH) commonly installed as a part of the Linux OS and variants thereof, can allow a malicious user to remotely execute commands and ultimately obtain control of a machine.


Running the shell command: 
env x='() { :;}; echo vulnerable' bash -c "echo this is a test" will output:

this is a test

If the machine or server is vulnerable to ShellShock.

Or otherwise:

bash: warning: x: ignoring function definition attempt 
bash: error importing function definition for `x’ 
this is a test

If the vulnerability is not present.

The solution

Run the command: lsb_release -a to retrieve the Codename for your operating system. Followed by: 
sudo sed -i 's/CODENAME_RESULT/trusty/g' /etc/apt/sources.list then: sudo apt-get update and: sudo apt-get install --only-upgrade bash to apply the patch.

As of October 3rd 2014; You can now simply patch this bug by issuing the command: 
sudo apt-get update && sudo apt-get install --only-upgrade bash

Re-run the test command as described above and if the patch has been applied successfully, your result should show that the vulnerability is no longer present.