Solved

Shell shock vulnerability options needed on large college campus

Posted on 2014-09-26
2
438 Views
Last Modified: 2014-09-29
Hey there,

I need some options for testing my network against these.  I've been using http://bashsmash.ccsir.org/ but wanted to make sure I wasn't getting false positives.  Any ideas?

Please help!

thanks metalfubar
0
Comment
Question by:metalfubar
2 Comments
 
LVL 28

Accepted Solution

by:
Jan Springer earned 500 total points
ID: 40346652
On the command line:

env VAR='() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"

Also, if you don't have cgi applications that use bash scripts, you should be okay from an http/https perspective.
0
 
LVL 61

Expert Comment

by:gheist
ID: 40347281
For complete audit you need to check for BASH scripts invoked from network (snmpd, dhcpd, httpd)
0) upgrade bash yesterday, and announce to your users that worm herders will be executed or something like that...
1) SubAgent in snmpd.conf - if none you are clean, otherwise check script
2) not popular but check for any scripts mentioned
3) ScriptAlias (note that fcgid and wsgi and passenger are NOT vulnerable) = check all scripts in ScriptAlias directories. Do you use scripts at all? Just remove any CGI support, it is there just for epic case dinosaurs re-surrect...
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
A short film showing how OnPage and Connectwise integration works.
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now