November 2024
M T W T F S S
 123
45678910
11121314151617
18192021222324
252627282930  

Categories

November 2024
M T W T F S S
 123
45678910
11121314151617
18192021222324
252627282930  

Fix ShellShock Bash Vulnerability

With the announcement of the ShellShock Bash vulnerability last week it has caught news around the security updates. This is bug is being dubbed to be bigger than The Heartbleed Bug. Some interesting read about ShellShock can be found here.

Fix ShellShock Bash Vulnerability on CentOS – Test

Before you begin it’s better to test all the available vulnerability for Bash. You can run the following tests from your shell to verify the vulnerability for bash.

Exploit 1 (CVE-2014-6271)

Execute the ofllowing command from your shell.

1
env x='() { :;}; echo vulnerable!' bash -c "echo this is a test"

If you see “vulnerable!” you have a vulnerable version of bash which needs to be updated. If you won’t see “vulnerable!” in the output you should be fine.

Exploit 2 (CVE-2014-7169)

Run the following command:

1
cd /tmp; env X='() { (a)=>\' bash -c "echo date"; cat echo

If this command provides the output for current date on the terminal, the version of bash is vulnerable to this exploit. However, if it prints just the word “date” then you are fine against this vulnerability. You might see a file created under the /tmp directory with the name echo. You can delete it safely.

Important: Please note that while testing this exploit you might come across some tests which will include rm -f echo. This could possibilly delete the binary for echo whichis /bin/echo. Avoid running such tests!!

Exploit 3 (CVE-2014-7186)

Run the following command to test this exploit.

1
bash -c 'true <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF' || echo "CVE-2014-7186 vulnerable, some_stack"

If the output includes “CVE-2014-7186 vulnerable, some_stack”, bash is vulnerable to this exploit.

Exploit 4 (CVE-2014-7187)

Run the following command to test this exploit.

1
(for x in {1..200} ; do echo "for x$x in ; do :"; done; for x in {1..200} ; do echo done ; done) | bash || echo "CVE-2014-7187 vulnerable, print_me"

If the output includes “CVE-2014-7187 vulnerable, print_me” you have a vulnerable bash version for this exploit.

Fix ShellShock Bash Vulnerability on CentOS

There have multiple patches being pushed during the last week to handle the different exploits above. Almost all the distributions now have a completely patched version of bash available for upgrade.

On CentOS / RedHat systems you can use yum to update to the latest available version for Bash.

On the affected systems, run the following command to update Bash.

yum -y update bash

Once the update is complete you can check for the above mentioned exploits to ensure the bash version installed is indeed patched.

There are still more exploits discovered. It is possible that we may see more patches coming for Bash in next few days.

Fix ShellShock Bash Vulnerability on CentOS

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>