Just relaying the information about this "ShellShock" vulnerability:
This seems to affect Apache, sshd, DHCP clients and even potentially git.
TL;DR here is how to check your Bash version
env x='() { echo Never called; }; echo YOUR BASH IS VULNERABLE' bash -c 'echo This is a test'
The "YOUR BASH IS VULNERABLE" message should NOT appear in your terminal.
Source: Justin Mason's Weblog
EDIT[29/09/2014]: Tavis Ormandy noticed that the first patch doesn't seem to correct the full vulnerability:
env X='() { (a)=>\' sh -c "echo date"; cat echo
I the current date is printed, your bash version is still vulnerable.
EDIT[30/09/2014]:
