how can I fix IOS 10.6.8. if vulnerable ?

You are only vulnerable if you are running a web server or allowing general remote access to your Mac. If you are using it in the normal way you are not at risk.

Hi Roger, you are right, but how to do it if I have the 10.6 server exposed? ⚠

I'm afraid I don't know. Are you running Snow Leopard Server? - if so you should ask in the forum for that:

https://discussions.apple.com/community/servers_enterprise_software/mac_os_x_ser ver_v10.6_snow_leopard

Otherwise if no-one else picks this thread up you could start a new one with a title making it clear that you are exposed.

Further to the above, there is a possible fix posted on Macintouch: go to

http://www.macintouch.com/readerreports/security/index.html#d01oct2014

and scroll up to the last post on 30 September, from Jim Weisbin. See also the posts at the bottom of the page he links to,

http://apple.stackexchange.com/questions/146849/how-do-i-recompile-bash-to-avoid -shellshock-the-remote-exploit-cve-2014-6271-an/146851

Disclaimer: all this is outside my technical knowledge and I pass this on for information only. I can't offer any comment on its suitability; use at your own risk.