Bash Shellshock vulnerability: patching procedure reference
For the latest information see the source: https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
1. Run the following command to test whether the system is vulnerable
$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
The variable x carries a value that looks like an exported function definition ("() { :;}") followed by an extra command. A vulnerable bash executes that trailing command while importing the environment, so if the output looks like the following, the system is vulnerable:
vulnerable
this is a test
2. Result after patching
$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
- Output on Red Hat
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test
- Output on CentOS
this is a test
Both forms mean the fix is in place: what matters is that the word "vulnerable" is no longer printed. Whether the warning lines appear depends on the bash build (later builds no longer treat a plain variable as a function definition at all, so they print nothing extra).
3. The fix is simply to update bash to the latest package available for your distribution. Note that the first round of updates for this issue was incomplete and was followed by a second one (CVE-2014-7169; see the source page above), so install the newest bash your distribution offers, not just the first fix.
- Check the OS version and the currently installed bash version
# lsb_release -a
Version information is displayed, for example:
LSB Version::base-4.0-ia32:base-4.0-noarch:core-4.0-ia32:core-4.0-noarch:graphics-4.0-ia32:graphics-4.0-noarch:printing-4.0-ia32:printing-4.0-noarch
Distributor ID: CentOS
Description: CentOS release 6.2 (Final)
Release: 6.2
Codename: Final
# rpm -qa bash
- Look up which patched bash package corresponds to your OS version
Red Hat: https://access.redhat.com/solutions/1207723
CentOS: http://lists.centos.org/pipermail/centos/2014-September/146099.html
- Update bash directly with yum
# yum update bash
(yum lists the package version it is about to install; confirm with y)
# rpm -qa bash
bash-4.1.2-15.el6_5.2.i686
(check the installed version after the update)
$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
this is a test
(output on CentOS after the update; the injected command is no longer executed)
- If yum is not available, locate the matching rpm and install it directly
For example, on Red Hat ES4:
# cd /usr/src/redhat/RPMS/i386
# rpm -Uvh bash-3.0-27.0.2.el4.i386.rpm
# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test
# rpm -qa bash
bash-3.0-27.0.2.el4
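The manual test above has to be read by eye, which does not scale when checking many hosts. The following POSIX sh script is an added example (not part of the original page or of Red Hat's advisory): it wraps the same env probe, classifies the output into a one-word verdict, and exercises the classifier against constructed sample outputs copied from the transcripts above. The function and variable names are the example's own choices.

```shell
#!/bin/sh
# Added example, not from the original page: automate the Shellshock test
# command used above and turn its output into a scriptable verdict.

# The probe is the same environment variable as in the manual test: a value
# that looks like an exported function definition ("() { :;}") followed by an
# extra command. A vulnerable bash runs the trailing command while importing
# the environment; a fixed bash ignores it (older fixes print a warning first).
SHELLSHOCK_PROBE='() { :;}; echo vulnerable'

# Classify the captured output of one probe run.
#   vulnerable - the injected "echo vulnerable" was executed
#   patched    - only the intended command ran, with or without the
#                "ignoring function definition attempt" warning
#   error      - the shell could not be started at all, so nothing was tested
classify_shellshock_output() {
  case "$1" in
    *vulnerable*)       echo vulnerable ;;
    *"this is a test"*) echo patched ;;
    *)                  echo error ;;
  esac
}

# Run the probe against the shell binary given as $1 (default: bash from PATH)
# and print the verdict. Stderr is merged into the capture so a warning-only
# result is still seen and recognised as "patched".
shellshock_check() {
  target=${1:-bash}
  probe_output=$(env x="$SHELLSHOCK_PROBE" "$target" -c 'echo this is a test' 2>&1) || true
  classify_shellshock_output "$probe_output"
}

# Constructed sample outputs (copied from the transcripts on this page) so the
# classifier can be checked without having an unpatched bash on this host.
SAMPLE_UNPATCHED='vulnerable
this is a test'
SAMPLE_RHEL_PATCHED="bash: warning: x: ignoring function definition attempt
bash: error importing function definition for \`x'
this is a test"
SAMPLE_CENTOS_PATCHED='this is a test'

# Report on the bash found in PATH, and on the installed package where rpm
# exists (the package version is what the distribution links above refer to).
echo "bash from PATH: $(shellshock_check bash)"
if command -v rpm >/dev/null 2>&1; then
  echo "installed package: $(rpm -q bash)"
fi
```

Run it as `sh shellshock_check.sh` on each host; a verdict of "patched" for the bash in PATH, together with an rpm version at or above the one listed for your release, confirms the update took effect. Pass another path (for example `shellshock_check /bin/bash`) if the system ships more than one bash binary, since updating the package only fixes the binary the package owns.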