Home » Centos/RHEL » Shellshock’ Bash Vulnerability discovered

Shellshock’ Bash Vulnerability discovered

Within a day of the Bash bug dubbed Shellshock’ Bash Vulnerability being disclosed, it appears that attackers are already looking for ways to use it for their advantage.
Security researchers have found evidence of concept code that attempts to exploit the serious bug discovered this week in Bourne-Again Shell, also known as Bash, which according to US CERT affects both Linux Mac OS. there is no authentication required when exploiting Bash via CGI scripts.
According to the National Institute of Standards and Technology (NIST) vulnerability database, this rates the fault 10 out of 10 in terms of severity:
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows permits attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution.
Who is vulnerable?
approximately every server in the Internet is vulnerable to it (every server has Bash). But not all sites are actually exploitable.
I mean, who really still uses mod_cgi instead of mod_php/fast_cgi that would be safe? Or who would write a CGI in shell scripting?
cPanel users at Risk
By default cPanel have these 2 directories existing in every user’s home direcotry:

/cgi-sys/
/cgi-sys/

Check System Vulnerability
You can identifying if you’re vulnerable is easier than previous vulnerabilities. Log into your server and via terminal run this command:

# env x='() { :;}; echo vulnerable’ bash -c ‘echo hello’

If you are vulnerable the output will be as below:

# env x='() { :;}; echo vulnerable’ bash -c ‘echo hello’
vulnerable
Hello

To resolve it will depend on your Linux distribution but if you will want to reinstall or update, do as below:

#sudo apt-get install bash

– or –

#yum update bash

Once complete, rerun the test and output should be as below:

# env x='() { :;}; echo vulnerable’ bash -c ‘echo hello’
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x’
hello

About

I am founder and webmaster of www.linuxpcfix.com and working as a Sr. Linux Administrator (Expertise on Linux/Unix & Cloud Server) and have been in the industry from last 7 years.

Leave a Reply

Your email address will not be published. Required fields are marked *

*
*

Time limit is exhausted. Please reload the CAPTCHA.

Categorized Tag Cloud