Red Hat's official bash vulnerability diagnostic method; the 5.2 patch is currently the final version
2014-10-08 12:08
Original article: https://access.redhat.com/articles/1200223
Vulnerability detection section of the original article
Diagnostic Steps
Red Hat Access Labs has provided a script to help confirm if a system is patched against the Shellshock vulnerability. You can also manually test your version of Bash by running the following command:

    $ env 'x=() { :;}; echo vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c "echo test"

If the output of the above command contains a line containing only the word "vulnerable", you are using a vulnerable version of Bash. The patch used to fix this issue ensures that no code is allowed after the end of a Bash function. Note that different Bash versions will also print different warnings while executing the above command. The Bash versions without any fix produce the following output:

    $ env 'x=() { :;}; echo vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c "echo test"
    vulnerable
    bash: BASH_FUNC_x(): line 0: syntax error near unexpected token `)'
    bash: BASH_FUNC_x(): line 0: `BASH_FUNC_x() () { :;}; echo vulnerable'
    bash: error importing function definition for `BASH_FUNC_x'
    test

The versions with only the original CVE-2014-6271 fix applied produce the following output:

    $ env 'x=() { :;}; echo vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c "echo test"
    bash: warning: x: ignoring function definition attempt
    bash: error importing function definition for `x'
    bash: error importing function definition for `BASH_FUNC_x()'
    test

The versions with additional fixes from RHSA-2014:1306, RHSA-2014:1311 and RHSA-2014:1312 produce the following output:

    $ env 'x=() { :;}; echo vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c "echo test"
    bash: warning: x: ignoring function definition attempt
    bash: error importing function definition for `BASH_FUNC_x'
    test

The difference in the output is caused by additional function processing changes explained in the "How does this impact systems" section of the original article. The fix for CVE-2014-7169 ensures that the system is protected from the file creation issue. To test if your version of Bash is vulnerable to CVE-2014-7169, run the following command:

    $ cd /tmp; rm -f /tmp/echo; env 'x=() { (a)=>\' bash -c "echo date"; cat /tmp/echo
    bash: x: line 1: syntax error near unexpected token `='
    bash: x: line 1: `'
    bash: error importing function definition for `x'
    Fri Sep 26 11:49:58 GMT 2014

If your system is vulnerable, the time and date information will be output on the screen and a file called /tmp/echo will be created. If your system is not vulnerable, you will see output similar to:

    $ cd /tmp; rm -f /tmp/echo; env 'x=() { (a)=>\' bash -c "echo date"; cat /tmp/echo
    date
    cat: /tmp/echo: No such file or directory

If your system is vulnerable, you can fix these issues by updating to the most recent version of the Bash package by running the following command:

    # yum update bash

A condensed translation of the original follows:
Without any bash vulnerability patch applied, run

    env 'x=() { :;}; echo vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' bash -c "echo test"

The output is

    vulnerable
    bash: BASH_FUNC_x(): line 0: syntax error near unexpected token `)'
    bash: BASH_FUNC_x(): line 0: `BASH_FUNC_x() () { :;}; echo vulnerable'
    bash: error importing function definition for `BASH_FUNC_x'
    test

Apply patch 5.1 and run it again; the result is

    bash: warning: x: ignoring function definition attempt
    bash: error importing function definition for `x'
    bash: error importing function definition for `BASH_FUNC_x()'
    test

(the "unexpected token" line is gone)

Apply the final 5.2 patch and run it again; the result is

    bash: warning: x: ignoring function definition attempt
    bash: error importing function definition for `BASH_FUNC_x'
    test

With patch 5.1 applied but without the final 5.2 patch, run

    cd /tmp; rm -f /tmp/echo; env 'x=() { (a)=>\' bash -c "echo date"; cat /tmp/echo

The output will be

    bash: x: line 1: syntax error near unexpected token `='
    bash: x: line 1: `'
    bash: error importing function definition for `x'
    Fri Sep 26 11:49:58 GMT 2014

Once the final 5.2 patch is applied, the result becomes

    date
    cat: /tmp/echo: No such file or directory
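A POSIX sh wrapper around the two diagnostic commands above, added here as an example and not part of the Red Hat article or this post: it embeds the three expected outputs quoted in the article as samples, classifies any captured output as unpatched, partially patched (CVE-2014-6271 fix only, the author's "5.1" level) or patched, and runs the CVE-2014-7169 file-creation test in a scratch directory instead of /tmp. The function names and the scratch-directory variant are my own choices.

```shell
#!/bin/sh
# Added example (not from the Red Hat article or this post): classify a local
# bash's Shellshock patch level from the output of the article's two tests.

# Expected outputs copied from the article, kept as samples for the classifier.
SAMPLE_UNPATCHED="vulnerable
bash: BASH_FUNC_x(): line 0: syntax error near unexpected token \`)'
bash: BASH_FUNC_x(): line 0: \`BASH_FUNC_x() () { :;}; echo vulnerable'
bash: error importing function definition for \`BASH_FUNC_x'
test"
SAMPLE_PARTIAL="bash: warning: x: ignoring function definition attempt
bash: error importing function definition for \`x'
bash: error importing function definition for \`BASH_FUNC_x()'
test"
SAMPLE_PATCHED="bash: warning: x: ignoring function definition attempt
bash: error importing function definition for \`BASH_FUNC_x'
test"

# Classify the combined stdout+stderr of the function-import test.
# Prints one of: unpatched | partial | patched | unknown
classify_function_import_output() {
    if printf '%s\n' "$1" | grep -qx 'vulnerable'; then
        echo unpatched   # a line that is only "vulnerable": code after the function ran
    elif printf '%s\n' "$1" | grep -q "for \`BASH_FUNC_x()'"; then
        echo partial     # only the CVE-2014-6271 fix (the author's "5.1" patch level)
    elif printf '%s\n' "$1" | grep -q "for \`BASH_FUNC_x'"; then
        echo patched     # RHSA-2014:1306/1311/1312 level (the author's "5.2" patch)
    else
        echo unknown
    fi
}

# CVE-2014-7169 file-creation test, run in a private scratch directory instead
# of /tmp so a stale /tmp/echo cannot produce a false "vulnerable".
check_cve_2014_7169() {
    dir=$(mktemp -d) || return 1
    ( cd "$dir" && env 'x=() { (a)=>\' bash -c "echo date" >/dev/null 2>&1 ) || true
    if [ -e "$dir/echo" ]; then echo vulnerable; else echo not-vulnerable; fi
    rm -rf "$dir"
}
# Run both tests against the bash found on PATH and print the verdicts.
run_shellshock_checks() {
    command -v bash >/dev/null 2>&1 || { echo "bash not found on PATH"; return 0; }
    out=$(env 'x=() { :;}; echo vulnerable' 'BASH_FUNC_x()=() { :;}; echo vulnerable' \
        bash -c "echo test" 2>&1) || true
    echo "function import test: $(classify_function_import_output "$out")"
    echo "CVE-2014-7169 file test: $(check_cve_2014_7169)"
}
run_shellshock_checks
```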