Ajouter un commentaire

Patches debian flaw Shellshock

IKoula teams made debian packages available to the community for versions that are no longer supported, namely:

  • Debian 3.1 32 bit
  • Debian 4 32 bit
  • Debian 4 64 bit
  • Debian 5 32 bit
  • Debian 5 64 bit

These packages include fixes for vulnerabilities:

  • CVE-2014-6271-> Shellshock v1, the first version of the exploit of the flaw
  • CVE-2014-7169-> Shellshock v2, the second
  • CVE-2014-6277 & CVE-2014-6278-> other two flaws put forward during the ShellShock fault resolution.
    • The packages can be found at the ftp://mirror03.ikoula.com/pub/flaws/ShellShock/

      To apply the procedure is as follows:

      1. Create a working directory: < br / > # mkdir shellshock
      2. And place you inside: < br / > # cd shellshock
      3. Rehome the packages to be updated on the basis of those already installed on your system (verifiable with ' dpkg-l | ") grep bash"), for example: < br / > # wget ftp://mirror03.ikoula.com/pub/flaws/ShellShock/lenny64/bash_3.2-4-ikl2_amd64.deb
      4. Perform the installation of the package: < br / > # dpkg-I bash_3.2 - 4 - ikl2_amd64.deb
      5. Then check your vulnerability to various faults via the corresponding commands:
        • Shellshock v1: < br / > # x =' () {:;}; echo vulnerable' bash-c "echo this is a test"

          If the return is:

          vulnerable
          This is a test
          Then you are vulnerable.

          Otherwise you will get a return as:

          This is a test

        • Shellshock v2: < br / > < code > # rm - fv echo; env X =' () {(a) => \' bash-c-"echo echo vuln";} [["$(cat echo)" == "vuln"]] & echo "always vulnerable"

          If the return is:

          bash: X: line 1: syntax error near unexpected token '='
          bash: X: line 1: "
          bash: error importing function definition for 'X'
          always vulnerable
          Then you're always vulnerable.

          Otherwise you will get a return as:

          echo vuln
          Cat: echo: No such file or directory

        • On the last two faults: < br / > # foo =' () {echo vulnerable;}' bash-c foo

          If the return is:

          vulnerable
          Then you're still vulnerable

          Otherwise you will have this return:

          bash: foo: command not found

      Good patch!