System vulnerable to Shellshock
What type of systems are vulnerable? "Apache HTTP Servers that use CGI scripts (via mod_cgi and mod_cgid) that are written in Bash or launch to Bash subshells"
Quick test to see if your system is vulnerable:
env 'VAR=() { :;}; echo Bash is vulnerable!' 'FUNCTION()=() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"
Example:
[root@testvm ~]# env 'VAR=() { :;}; echo Bash is vulnerable!' 'FUNCTION()=() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"
Bash is vulnerable!
bash: FUNCTION(): line 0: syntax error near unexpected token `)'
bash: FUNCTION(): line 0: `FUNCTION() () { :;}; echo Bash is vulnerable!'
bash: error importing function definition for `FUNCTION'
Bash Test
To test if your web server is vulnerable, you can use the 'ShellShock' Bash Vulnerability Test Tool.
To secure your system, simply upgrade the Bash package (should be available on most distributions):
$ ## Debian Based
$ sudo apt-get update && sudo apt-get install --only-upgrade bash
$ ## RedHat Based
$ sudo yum update bash
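The quick test above, wrapped as a script that reports a status for each bash binary it finds, so it can be re-run after the upgrade. This is an added example, not part of the original post: the function names are illustrative, and looking in /etc/shells for extra copies of bash is an assumption.

```sh
#!/bin/sh
# Added example (not from the original page): run the page's quick test
# against every bash binary found and report a status per binary.

MARKER='Bash is vulnerable!'   # string echoed by the page's test payload
DONE='Bash Test'               # string echoed by the harmless -c command

# classify_output <captured stdout>: prints vulnerable | not-vulnerable | error
classify_output() {
    case $1 in
        *"$MARKER"*) echo vulnerable ;;      # trailing command ran on import
        *"$DONE"*)   echo not-vulnerable ;;  # only the -c command ran
        *)           echo error ;;           # the shell did not run at all
    esac
}

# check_bash <path>: same two environment entries as the page's one-liner.
check_bash() {
    if [ ! -x "$1" ]; then echo error; return 0; fi
    cb_out=$(env "VAR=() { :;}; echo $MARKER" \
                 "FUNCTION()=() { :;}; echo $MARKER" \
                 "$1" -c "echo $DONE" 2>/dev/null) || true
    classify_output "$cb_out"
}

# candidate_shells: bash on PATH plus any bash listed in /etc/shells
# (assumption: additional copies of bash are registered there).
candidate_shells() {
    {
        command -v bash 2>/dev/null || true
        [ -r /etc/shells ] && grep -E '^/.*/bash$' /etc/shells || true
    } | sort -u
}

# scan: one line per binary; returns 1 if any binary is vulnerable.
scan() {
    scan_rc=0
    for scan_bin in $(candidate_shells); do
        scan_res=$(check_bash "$scan_bin")
        printf '%s\t%s\n' "$scan_res" "$scan_bin"
        [ "$scan_res" = vulnerable ] && scan_rc=1
    done
    return $scan_rc
}

scan || echo 'Upgrade the bash package, then re-run this check.' >&2
```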
References:
- 'ShellShock' Bash Vulnerability CVE-2014-6271 Test Tool
- How to Protect your Server Against the Shellshock Bash Vulnerability | DigitalOcean
- Worse Than Heartbleed? Meet ShellShock: A New Security Threat For OS X and Linux
It's nice that someone describes it
I like this article, it is very meaningful and detailed, I hope you will have many good articles like this to share.