How to Protect Your Server Against the Shellshock Bash Vulnerability?

There is a new security flaw in Bash, nicknamed Shellshock, that affects Linux nodes. It is a major vulnerability in Bash itself.

Please check whether your Linux nodes are affected by this flaw and prepare a plan for patching them.
The Shellshock vulnerability can be exploited on systems running services or applications that allow unauthorized remote users to set Bash environment variables. Examples of exploitable systems include the following:
- Apache HTTP servers that use CGI scripts (via mod_cgi and mod_cgid) that are written in Bash or spawn Bash subshells
- Certain DHCP clients
- OpenSSH servers that use the ForceCommand capability
- Various network-exposed services that use Bash

For more details, please refer to the link below:

Resolution

[root@kvmpri01-vm05 ~]# rpm -qa | grep bash
bash-4.1.2-14.el6.x86_64
[root@kvmpri01-vm05 ~]# bash --version
GNU bash, version 4.1.2(1)-release (x86_64-redhat-linux-gnu)
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>

This is free software; you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
[root@kvmpri01-vm05 ~]# env VAR='() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"
Bash is vulnerable!
Bash Test

sftp> put bash-4.1.2-15.el6_5.2.x86_64.rpm
Uploading bash-4.1.2-15.el6_5.2.x86_64.rpm to /root/bash-4.1.2-15.el6_5.2.x86_64.rpm
100% 905KB 905KB/s 00:00:00

[root@kvmpri01-vm05 ~]# rpm -Uvh bash-4.1.2-15.el6_5.2.x86_64.rpm
warning: bash-4.1.2-15.el6_5.2.x86_64.rpm: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY
Preparing... ########################################### [100%]
1:bash ########################################### [100%]
[root@kvmpri01-vm05 ~]# env VAR='() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"
Bash Test

[root@kvmpri01-vm05 ~]# which bash
/bin/bash

[root@kvmpri01-vm05 ~]# bash --version
GNU bash, version 4.1.2(1)-release (x86_64-redhat-linux-gnu)
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>

This is free software; you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
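The probe that the session above runs twice (before and after the rpm upgrade) can be wrapped in a small POSIX sh script so the same check runs unchanged on every node in the patching plan and returns a usable exit status. This is an added example, not code from the original post; the function names, the marker string and the extra check of whether /bin/sh is really bash are this example's own assumptions.

```shell
#!/bin/sh
# Shellshock (CVE-2014-6271) status check, added as an example; not code from
# the original post. Function names, the marker string and the /bin/sh check
# are this example's own assumptions.

# Print "vulnerable", "not-vulnerable" or "missing" for the shell binary in $1
# (default: the first "bash" on PATH, as `which bash` resolves it on the page).
shellshock_status() (
    target=${1:-bash}
    command -v "$target" >/dev/null 2>&1 || { echo missing; exit 0; }
    # Same probe as the page: the variable's value is a function definition
    # followed by a trailing command. An unpatched bash runs the trailing
    # command while importing the function; a patched bash does not.
    marker="SHELLSHOCK_MARKER_$$"
    out=$(env PROBE="() { :;}; echo $marker" "$target" -c "echo probe_done" 2>/dev/null)
    case $out in
        *"$marker"*) echo vulnerable ;;
        *)           echo not-vulnerable ;;
    esac
)

# Print "yes" when /bin/sh is really bash (so system(3) and popen(3) calls in
# other programs also go through bash), "no" otherwise, "missing" if absent.
sh_is_bash() (
    [ -x /bin/sh ] || { echo missing; exit 0; }
    # BASH_VERSION is set only when the interpreter is bash, even invoked as sh.
    ver=$(/bin/sh -c 'printf %s "$BASH_VERSION"' 2>/dev/null)
    [ -n "$ver" ] && echo yes || echo no
)

# Print one line per binary and return 1 if any of them is vulnerable, so the
# script can drive a patching plan (for example, run over ssh from a jump host).
shellshock_report() (
    rc=0
    for bin in "$@"; do
        st=$(shellshock_status "$bin")
        printf '%-16s %s\n' "$bin" "$st"
        if [ "$st" = vulnerable ]; then rc=1; fi
    done
    printf '%-16s %s\n' '/bin/sh is bash' "$(sh_is_bash)"
    exit $rc
)

# Stand-alone usage: check the PATH bash and /bin/sh on this node.
shellshock_report bash /bin/sh || echo "ACTION: upgrade the bash package and re-run the check"
```

A node that reports vulnerable for bash should be patched before any of the exposures listed earlier (CGI, ForceCommand, DHCP client) is considered closed; a node whose /bin/sh is bash has a wider exposure, because programs that call system(3) or popen(3) go through bash even when they never name it. Note also that the NOKEY warning in the rpm -Uvh output above means the package signature was not checked against an imported key; importing the vendor's GPG key and running rpm -K on the file before installing closes that gap.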