Solved

Shell shock vulnerability options needed on large college campus

Posted on 2014-09-26
2
456 Views
Last Modified: 2014-09-29
Hey there,

I need some options for testing my network against these.  I've been using http://bashsmash.ccsir.org/ but wanted to make sure I wasn't getting false positives.  Any ideas?

Please help!

thanks metalfubar
0
Comment
Question by:metalfubar
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 29

Accepted Solution

by:
Jan Springer earned 500 total points
ID: 40346652
On the command line:

env VAR='() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"

Also, if you don't have cgi applications that use bash scripts, you should be okay from an http/https perspective.
0
 
LVL 62

Expert Comment

by:gheist
ID: 40347281
For complete audit you need to check for BASH scripts invoked from network (snmpd, dhcpd, httpd)
0) upgrade bash yesterday, and announce to your users that worm herders will be executed or something like that...
1) SubAgent in snmpd.conf - if none you are clean, otherwise check script
2) not popular but check for any scripts mentioned
3) ScriptAlias (note that fcgid and wsgi and passenger are NOT vulnerable) = check all scripts in ScriptAlias directories. Do you use scripts at all? Just remove any CGI support, it is there just for epic case dinosaurs re-surrect...
0

Featured Post

Is your NGFW recommended by NSS Labs?

Ours is! NSS Labs Next Generation Firewall Test gives the WatchGuard Firebox M4600 a "Recommended" rating! Curious where your NGFW landed on the  Security Value Map? See the map and download the full report today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read about achieving the basic levels of HRIS security in the workplace.
In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question