Showing posts with label Linux Security. Show all posts
Showing posts with label Linux Security. Show all posts

Thursday, November 27, 2014

bash security vulnerabilities

Leave a Comment
Bash security vulnerabilities ( shellshock or bashdoor ) is a vulnerability was discovered on September 12th, 2014. this is affect all linux distributions and allow remote attacks to execute arbitrary code using command environment variables. more details CVE-2014-6271

How to against Bash vulnerabilities.

This is guide how to upgrade for linux secure to against Bash vulnerabilities.

Check is  Vulnerability 

CVE-2014-6217

env x='() { :;}; echo vulnerable' bash -c 'echo your system  vulnerable test'
if vulnerable then output:

vulnerable
your system  vulnerable test

if your system not vulnerable then output:

your system  vulnerable test

CVE-2014-7169

a new bug was discovered and CVE identifier CVE-2014-7169 
env X='() { (a)=>\' sh -c "echo date"; cat echo
if vulnerable then output:

sh: X: line 1: syntax error near unexpected token `='
sh: X: line 1: `'
sh: error importing function definition for `X'
Wed Nov 26 13:23:58 EST 2014

if your system not vulnerable then output:

date
cat: echo: No such file or directory

CVE-2014-7186

another bug was discovered and CVE identifier CVE-2014-7186

Test vulnerable
bash -c 'true <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF' || echo "CVE-2014-7186 vulnerable, redir_stack"
if your system not vulnerable then output:

bash: line 2: warning: here-document at line 2 delimited by end-of-file (wanted `EOF')
bash: line 2: warning: here-document at line 2 delimited by end-of-file (wanted `EOF')
bash: line 2: warning: here-document at line 2 delimited by end-of-file (wanted `EOF')
bash: line 2: warning: here-document at line 2 delimited by end-of-file (wanted `EOF')
bash: line 2: warning: here-document at line 2 delimited by end-of-file (wanted `EOF')
bash: line 2: warning: here-document at line 2 delimited by end-of-file (wanted `EOF')
bash: line 2: warning: here-document at line 2 delimited by end-of-file (wanted `EOF')
bash: line 2: warning: here-document at line 2 delimited by end-of-file (wanted `EOF')
bash: line 2: warning: here-document at line 2 delimited by end-of-file (wanted `EOF')
bash: line 2: warning: here-document at line 2 delimited by end-of-file (wanted `EOF')
bash: line 2: make_here_document: bad instruction type 33
Segmentation fault
CVE-2014-7186 vulnerable, redir_stack

How to fix ShellShock

Below is information upgrade bash and ensuring your system no longer vulnerable to the bug.

For Ubuntu and Debian

apt-get update
apt-get install --only-upgrade bash

For Centos 

yum update bash

For fedora

yum -y install bash

For Arch Linux

pacman -Syu

For OpenSuSE

zypper patch --cve=CVE-2014-7187

For Slackware

slackpkg update
slackpkg upgrade bash
Once re-command you have done, you check is Vulnerability to view system ok ?
I hope will this help you!
Copyright by: www.linuxoperatingsystem.info http://goo.gl/kMscJ4 
Read More...