Solved

Shell shock vulnerability options needed on large college campus

Posted on 2014-09-26
2
435 Views
Last Modified: 2014-09-29
Hey there,

I need some options for testing my network against these.  I've been using http://bashsmash.ccsir.org/ but wanted to make sure I wasn't getting false positives.  Any ideas?

Please help!

thanks metalfubar
0
Comment
Question by:metalfubar
2 Comments
 
LVL 28

Accepted Solution

by:
Jan Springer earned 500 total points
ID: 40346652
On the command line:

env VAR='() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"

Also, if you don't have cgi applications that use bash scripts, you should be okay from an http/https perspective.
0
 
LVL 61

Expert Comment

by:gheist
ID: 40347281
For complete audit you need to check for BASH scripts invoked from network (snmpd, dhcpd, httpd)
0) upgrade bash yesterday, and announce to your users that worm herders will be executed or something like that...
1) SubAgent in snmpd.conf - if none you are clean, otherwise check script
2) not popular but check for any scripts mentioned
3) ScriptAlias (note that fcgid and wsgi and passenger are NOT vulnerable) = check all scripts in ScriptAlias directories. Do you use scripts at all? Just remove any CGI support, it is there just for epic case dinosaurs re-surrect...
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

There is a question posted at http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/Q_28324159.html (http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/Q_28324159.html) and i…
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
This video discusses moving either the default database or any database to a new volume.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now