As the saying goes, "when it rains, it pours". We have had to deal with AWS instance reboots and patch the "shellshock" bash vulnerability (CVE-2014-6271) at the same time across many of our instances. A quick way to determine whether an instance is vulnerable is to run the command below:
$ env var='() { ignore this;}; echo vulnerable' bash -c /bin/true
If the above prints "vulnerable", the installed bash is exposed to the vulnerability. You can also check the currently installed version of bash by running the command below:
$ sudo rpm -q bash
bash-4.1.2-15.el6_4.x86_64
Once you have determined that it is an old version, you can run an update through your package manager:
$ sudo yum update -y bash
Once the update finishes, you can check the version again:
$ sudo rpm -q bash
bash.x86_64 0:4.1.2-15.el6_5.2
Now test for the vulnerability again by running the test command from the top of this post. This time it will not print "vulnerable".
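The check, update and re-check steps above can be scripted per host. The following is an added example, not part of the original post: it wraps the post's test string in a function and, going slightly beyond the post, runs it against every bash binary found on PATH or listed in /etc/shells. The function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: probe bash binaries for CVE-2014-6271 with the post's test string.
# Function names (check_shellshock, list_bash_binaries, audit_host) are illustrative.

# check_shellshock BIN -> 0 = patched, 1 = vulnerable, 2 = not executable
check_shellshock() {
    bin=$1
    [ -x "$bin" ] || return 2
    # A vulnerable bash runs the trailing "echo" while importing the variable,
    # before it reaches the -c command, so only stdout needs inspecting.
    out=$(env var='() { ignore this;}; echo vulnerable' "$bin" -c ':' 2>/dev/null) || true
    case $out in
        *vulnerable*) return 1 ;;
        *) return 0 ;;
    esac
}

# list_bash_binaries: bash on PATH plus bash entries in /etc/shells, de-duplicated
list_bash_binaries() {
    {
        command -v bash 2>/dev/null || true
        grep -E '/bash$' /etc/shells 2>/dev/null || true
    } | sort -u
}

# audit_host: prints one line per binary; returns 1 if any binary is vulnerable
audit_host() {
    rc=0
    for b in $(list_bash_binaries); do
        st=0
        check_shellshock "$b" || st=$?
        case $st in
            0) echo "OK         $b" ;;
            1) echo "VULNERABLE $b"; rc=1 ;;
            *) echo "SKIPPED    $b (not executable)" ;;
        esac
    done
    # Record the package version where rpm is available, as on the hosts in the post.
    if command -v rpm >/dev/null 2>&1; then rpm -q bash || true; fi
    return $rc
}
```

Call `audit_host` at the end of the script (or after sourcing it) before and after `yum update -y bash`; a non-zero exit status means at least one binary still prints "vulnerable".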