Wednesday, October 29, 2014

Redhat / Centos ShellShock remediation

I realize it's old info now, but I'm posting this for my own reference. This info was gleaned from other sites. I adapted the tests to display results in color. Hey, I'm old, it helps to see things :-)

The tests are listed as Redhat or Centos, but the same commands should work on any version of Linux, and probably on Unix as well.

BASH ShellShock Remediation

Redhat/Centos version:
cat /etc/redhat-release

BASH version:
bash --version
   Or
rpm -qa | grep bash

Test: 
clear;env x="() { :;}; echo -e '\033[1;31mVULNERABLE\033[0m'" "BASH_FUNC_x()=() { :;}; echo VULNERABLE" bash -c " echo -ShellShock-Test-"
   Or
clear;env X="() { :;} ; echo -e '\033[1;31mVULNERABLE\033[0m'" /bin/sh -c "echo -ShellShock-Test-"

Result before patching:
VULNERABLE
bash: BASH_FUNC_x(): line 0: syntax error near unexpected token `)'
bash: BASH_FUNC_x(): line 0: `BASH_FUNC_x() () { :;}; echo VULNERABLE'
bash: error importing function definition for `BASH_FUNC_x'
-ShellShock-Test-
    Or
VULNERABLE
-ShellShock-Test-

Remediation:
yum update bash

Result after patching:
bash: warning: X: ignoring function definition attempt
bash: error importing function definition for `X'
-ShellShock-Test-
   Or
-ShellShock-Test-
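The same probe as the test above, wrapped as a script that reports by exit status so it can be run unattended across many hosts instead of by eyeballing the colored output. This is an added example, not from the original post; it assumes only that the shell to test (bash by default) is on PATH, and the marker strings are constructed here. It checks the original function-import bug only; the later follow-on bash bugs need their own checks.

```shell
#!/bin/sh
# Added example (not from the original post): the post's one-liner wrapped in
# functions that return a status code, so the result can be consumed by an
# audit script rather than read off the terminal.

# shellshock_check SHELL
#   returns 0 if SHELL executes trailing code while importing a function
#   definition from the environment (vulnerable), 1 if it ran the probe
#   cleanly (patched), 2 if the probe could not be run at all.
shellshock_check() {
    target="${1:-bash}"
    # Constructed marker strings; the payload does nothing beyond echoing
    # them, exactly like the post's test. stderr (the "ignoring function
    # definition attempt" warning on patched bash) is not needed here.
    out=$(env x='() { :;}; echo SHELLSHOCK_MARKER' \
              "$target" -c 'echo probe-done' 2>/dev/null) || :
    case "$out" in
        *SHELLSHOCK_MARKER*) return 0 ;;   # trailing code ran: VULNERABLE
        *probe-done*)        return 1 ;;   # child ran, marker absent: patched
        *)                   return 2 ;;   # e.g. shell binary not found
    esac
}

# shellshock_report SHELL: colored one-line verdict, same exit status as above.
shellshock_report() {
    shellshock_check "$1"
    rc=$?
    case $rc in
        0) printf '\033[1;31m%s: VULNERABLE\033[0m\n' "$1" ;;
        1) printf '\033[1;32m%s: patched\033[0m\n' "$1" ;;
        *) printf '%s: probe could not run\n' "$1" ;;
    esac
    return $rc
}

# Check every shell named on the command line, or bash by default.
[ $# -eq 0 ] && set -- bash
for sh_bin in "$@"; do
    shellshock_report "$sh_bin"
done
```

Run it as `sh shellshock-check.sh bash /bin/sh` to test more than one shell; a non-zero exit status from the last shell checked means it is patched (1) or the probe failed (2).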