Bash is a shell on Unix-like systems that lets users enter and execute commands. Users generally connect to it through SSH or Telnet. In addition, on a web server it can also be used as the interpreter for CGI scripts. Unix-like systems have multiple shells, but Bash is the default shell.
Bash vulnerability description: Bash processes function definitions contained in the strings assigned to environment variables (in other words, attackers can lay out code so that it gets executed). Example: http-header = Cookie: () { :; }; ping -c 3 209.126.230.74 // () { :; } is the function definition; ping -c 3 209.126.230.74 is the shell command and its parameters. Attackers can execute arbitrary commands when Bash runs.
Attack paths: 1. ForceCommand in OpenSSH sshd; 2. the mod_cgi and mod_cgid modules in Apache HTTP Server; 3. scripts executed by DHCP clients; 4. environment variables set in Bash; 5. CGI on web servers.
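For the CGI path, a defender can look for the same function-definition shape in request headers, since CGI hands each header to the script as an HTTP_* environment variable. The following Python check is an added example, not code from the original page; the function names, the sample requests and the 203.0.113.7 address are constructed for illustration.

```python
import re

# Vulnerable Bash imported an environment value as a function when it began
# with "() {". The match is deliberately a little looser on whitespace.
FUNC_PREFIX = re.compile(r"^\s*\(\s*\)\s*\{")

def cgi_env_name(header):
    """CGI exposes request header 'User-Agent' as variable HTTP_USER_AGENT."""
    return "HTTP_" + header.strip().upper().replace("-", "_")

def scan_request(raw_request):
    """Return [(env_name, trailing_text)] for header values shaped like a
    Bash function definition. trailing_text is what follows the first '}',
    i.e. the part a vulnerable Bash would have run (heuristic, for triage)."""
    findings = []
    lines = raw_request.replace("\r\n", "\n").split("\n")
    for line in lines[1:]:            # skip the request line
        if not line.strip():
            break                     # blank line ends the header block
        name, sep, value = line.partition(":")
        if not sep:
            continue                  # malformed header line, ignore it
        if FUNC_PREFIX.match(value):
            _, _, tail = value.partition("}")
            findings.append((cgi_env_name(name), tail.lstrip("; \t").strip()))
    return findings

# Constructed sample requests (documentation address range, not real traffic).
SAMPLES = [
    "GET /cgi-bin/status HTTP/1.1\r\nHost: example.test\r\n"
    "Cookie: () { :; }; ping -c 3 203.0.113.7\r\n\r\n",
    "GET /cgi-bin/status HTTP/1.1\r\nHost: example.test\r\n"
    "User-Agent: () { :;}; echo exitbug\r\n\r\n",
    "GET /index.html HTTP/1.1\r\nHost: example.test\r\n"
    "Cookie: session=abc; theme=() dark\r\n\r\n",
]

if __name__ == "__main__":
    for raw in SAMPLES:
        print(raw.split("\r\n")[0], "->", scan_request(raw) or "clean")
```

A hit means the request should be investigated even when the host is already patched, because it shows someone probing the CGI endpoint.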
Virus name: Shellshock worm
Run the following command in a Bash shell: env x="() { :; }; echo exitbug" /bin/sh -c "echo stuff". If the string exitbug is returned, the vulnerability exists.
Solution: Upgrade GNU Bash to 4.3 (latest). Upgrade method: yum update -y bash
Afterword: 1. Generally, Git/SVN setups are more susceptible to attacks that use this vulnerability. 2. Upgrading to 4.3 does not guarantee that everything is fine afterwards. Security is an eternal problem.
Bash Vulnerability Analysis