Site web ikoula

Add new comment

Major fault of the bash shell

Submitted by Anonyme (not verified) 25Sep
2014

Update 2014-09-26 12:30 UTC + 1

The CVE-2014-7169 fault seems to be patched by most of the package maintainers. We invite you to redo an update of your bash.

< hr / > < br / >

Update 2014-09-25 18:00 UTC + 1

The patch for the vulnerability CVE-2014-6271 does not fully resolve the problem. However, it reduces the importance. A new rift opened under reference CVE-2014-7169, which the patch should arrive quickly. < br / > Pending this add-in, you have the possibility of applying one of these workarounds in this redhat KB article.

After applying the patch for the vulnerability CVE-2014-6271, you can check the CVE-2014-7169 fault with the following code:

approx X =' () {(a) => \' bash-c-"echo echo vuln";} [["$(cat echo)" == "vuln"]] & echo "still vulnerable" < br / >

If you are always vulnerable, you'll return

bash: X: line 1: syntax error near unexpected token '='
bash: X: line 1: "
bash: error importing function definition for 'X'
still vulnerable
< hr / > < br / >

A major vulnerability on the bash shell has just been discovered. The fault is referenced under code CVE-2014-6271.

Since when does it exist?

This flaw has existed since at least version 1.14 of bash. It is therefore very widespread.

- What is it allows?

The flaw exploits the fact that the Shell bash, at the time where it is started, does not stop the interpretation to where it should when there are definitions of variables or functions of environment and run orders placed in arguments.

Being given the fact that we can start a shell bash in a cgi script for example, can exploit this vulnerability remotely Using the fact that the cgi environment variables are mapped in shell environment variables. The launch of commands is done remotely, certainly in the context of the web server is running for example.

Script of exploitation of this vulnerability are easily retrievable and specific to this vulnerability scanners are already at work.

How to check if my version is impacted?

You have the possibility to test this fault by using the following command.

approx x =' () {:;}; echo vulnerable' bash-c "echo this is a test" < br / >

If your version of bash is vulnerable, you will get the following back:

vulnerable
 This is a test
Otherwise: 
 bash: warning: x: ignoring function definition attempt
 bash: error importing function definition for 'x'
 This is a test

How to fix the?

Ikoula recommends that you update the bash packages for your distribution as quickly as possible. < br / > If you have a debian squeeze 6, so-called, we invite you to follow our knowledge base article. < br / > If you have a shared benefit or complete outsourcing know that our teams have already been required.

For more information https://securityblog.redhat.com/

Tags: