Ikoula's teams have made Debian packages available to the community for versions that are no longer supported, namely:
- Debian 3.1 32 bit
- Debian 4 32 bit
- Debian 4 64 bit
- Debian 5 32 bit
- Debian 5 64 bit
These packages include fixes for the following vulnerabilities:
- CVE-2014-6271 -> Shellshock v1, the first version of the exploit of the flaw
- CVE-2014-7169 -> Shellshock v2, the second
- CVE-2014-6277 & CVE-2014-6278 -> two other flaws brought to light while the Shellshock flaw was being fixed.
- Create a working directory:
# mkdir shellshock
- Move into it:
# cd shellshock
- Download the package to update, matching the one already installed on your system (which you can check with 'dpkg -l | grep bash'), for example:
# wget ftp://mirror03.ikoula.com/pub/flaws/ShellShock/lenny64/bash_3.2-4-ikl2_amd64.deb
- Install the package:
# dpkg -i bash_3.2-4-ikl2_amd64.deb
- Then check whether you are still vulnerable to each flaw with the corresponding command:
- Shellshock v1:
# x='() { :;}; echo vulnerable' bash -c "echo this is a test"
If the output is:
vulnerable
this is a test
Then you are vulnerable. Otherwise you will get output like:
this is a test
- Shellshock v2:
# rm -fv echo; env X='() { (a)=>\' bash -c "echo echo vuln"; [[ "$(cat echo)" == "vuln" ]] && echo "always vulnerable"
If the output is:
bash: X: line 1: syntax error near unexpected token `='
bash: X: line 1: `'
bash: error importing function definition for `X'
always vulnerable
Then you are still vulnerable. Otherwise you will get output like:
echo vuln
cat: echo: No such file or directory
- For the last two flaws:
# foo='() { echo vulnerable; }' bash -c foo
If the output is:
vulnerable
Then you are still vulnerable. Otherwise you will get this output:
bash: foo: command not found
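The three checks above can be run in one pass against a given shell binary. The script below is an added example, not part of the original Ikoula page; the function names (check_v1, check_v2, check_v3, report) and the script name are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): runs the page's three checks
# against one shell binary. Function and variable names are illustrative.

# CVE-2014-6271: code placed after the function body must not run on import.
check_v1() {
    out=$(x='() { :;}; echo vulnerable' "$1" -c "echo this is a test" 2>/dev/null) || true
    case "$out" in *vulnerable*) echo VULNERABLE ;; *) echo ok ;; esac
}

# CVE-2014-7169: the parser must not leave a redirection that creates ./echo.
# Runs in a throwaway directory so no stray file is read or left behind.
check_v2() {
    tmp=$(mktemp -d) || return 2
    if ( cd "$tmp" || exit 1
         X='() { (a)=>\' "$1" -c "echo echo vuln" >/dev/null 2>&1
         [ "$(cat echo 2>/dev/null)" = "vuln" ] ); then res=VULNERABLE; else res=ok; fi
    rm -rf "$tmp"
    echo "$res"
}

# CVE-2014-6277 / CVE-2014-6278: a plain variable must not become a function.
check_v3() {
    out=$(foo='() { echo vulnerable; }' "$1" -c foo 2>/dev/null) || true
    case "$out" in *vulnerable*) echo VULNERABLE ;; *) echo ok ;; esac
}

# Print one line per check; return 0 only if every check passed.
# A missing binary is an error, never a silent "ok".
report() {
    command -v "$1" >/dev/null 2>&1 || { echo "not found: $1" >&2; return 2; }
    bad=0
    for c in check_v1 check_v2 check_v3; do
        r=$("$c" "$1")
        echo "$c: $r"
        [ "$r" = "ok" ] || bad=$((bad + 1))
    done
    [ "$bad" -eq 0 ]
}

# Usage: sh shellshock-check.sh /bin/bash   (absolute path or a name on PATH)
if [ "$#" -gt 0 ]; then report "$1"; fi
```

The exit status of the script is 0 only when all three checks report ok, so it can be run after 'dpkg -i' to confirm the new package is the one actually in use.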
The packages can be found at ftp://mirror03.ikoula.com/pub/flaws/ShellShock/
The procedure for applying them is the one described above.
Good patch!