Bash Vulnerability Hardening Scheme
1 Vulnerability Description
During a recent security hardening exercise, the hosts were scanned with BVS, and the resulting report showed two Bash vulnerabilities:
① GNU Bash environment variable remote command execution vulnerability (CVE-2014-6271)
GNU Bash 4.3 and earlier versions contain a security vulnerability in the evaluation of certain crafted environment variables: appending extra strings after a function definition inside an environment variable value triggers the flaw, which an attacker could exploit to alter or bypass environment restrictions and execute shell commands.
② GNU Bash CVE-2014-6271 incomplete fix remote code execution vulnerability (CVE-2014-7169)
Affected systems: GNU Bash <= 4.3 bash43-026
GNU Bash 4.3 bash43-026 and earlier versions have a security vulnerability in the handling of strings that follow certain malformed function definitions in environment variable values; a remote attacker can exploit it through crafted environment variables to overwrite files, execute arbitrary code, or cause other effects. The vulnerability stems from an incomplete fix for CVE-2014-6271, which left a problem in function parsing.
2 Vulnerability Testing
First, reproduce the issue in a test environment you build yourself.
① View the system version:
[root@localhost ~]# lsb_release -a
② View the bash version:
[root@localhost ~]# bash --version
③ Test command:
[root@localhost ~]# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
If the output is "vulnerable" followed by "this is a test", the trailing command in the environment variable was executed, which indicates that the GNU Bash environment variable remote command execution vulnerability (CVE-2014-6271) is present.
3 Vulnerability Hardening
① Upload the appropriate patch files to the directory /usr/local/src:
bash-3.2-33.el5_10.4.x86_64.rpm
bash-debuginfo-3.2-33.el5_11.4.x86_64.rpm
Note that which bash patch to download depends on the operating system version and the Bash version of the actual environment (this environment is Red Hat 64-bit with bash 3.2).
② Install the RPM patch packages:
[root@localhost src]# rpm -Uvh bash-3.2-33.el5_10.4.x86_64.rpm
[root@localhost src]# rpm -Uvh bash-debuginfo-3.2-33.el5_11.4.x86_64.rpm
③ Verify that the hardening took effect:
[root@localhost src]# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
The patch has been applied successfully only if just "this is a test" is printed, with no "vulnerable" line before it.
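The probe used in steps 2③ and 3③ is easier to run repeatably, before and after patching, when wrapped in a small script. The following is an added example and not code from the original post; it assumes a bash binary on PATH (or a path to one passed as the first argument), and the exported function name "probe" is a constructed placeholder. It also shows a second check that goes slightly beyond the post: a patched bash passes exported functions to child processes under a prefixed variable name, which is the reason an ordinary variable whose value starts with "() {" is no longer parsed as a function.

```shell
#!/bin/sh
# Added example, not from the original post. Repeatable version of the
# CVE-2014-6271 probe shown in the post, plus a check that a patched bash
# exports functions under a prefixed variable name.
# Assumes: a bash binary on PATH, or a path to one passed as $1.

# Run the post's probe: an environment variable whose value looks like an
# exported function definition followed by a trailing command. A vulnerable
# bash executes the trailing "echo vulnerable"; a patched one treats x as a
# plain string and prints only "this is a test".
# Prints one of: vulnerable | not-vulnerable | no-bash
shellshock_status() {
    bin="${1:-bash}"
    if ! command -v "$bin" >/dev/null 2>&1; then
        echo "no-bash"
        return 0
    fi
    out=$(env x='() { :;}; echo vulnerable' "$bin" -c 'echo this is a test' 2>/dev/null)
    case "$out" in
        *vulnerable*) echo "vulnerable" ;;
        *)            echo "not-vulnerable" ;;
    esac
}

# A patched bash passes exported functions to child processes under a
# prefixed name (BASH_FUNC_<name>...), so the environment of a child
# started by a patched bash never contains a bare "x=() { ..." function.
# The function name "probe" is a constructed placeholder.
# Prints the prefixed variable name if found, otherwise "none" (or "no-bash").
exported_function_var() {
    bin="${1:-bash}"
    if ! command -v "$bin" >/dev/null 2>&1; then
        echo "no-bash"
        return 0
    fi
    name=$("$bin" -c 'probe() { :; }; export -f probe; env' 2>/dev/null \
        | sed -n 's/^\(BASH_FUNC_probe[^=]*\)=.*/\1/p' | head -n 1)
    if [ -n "$name" ]; then
        echo "$name"
    else
        echo "none"
    fi
}

# Usage: run both checks against the default bash.
printf 'CVE-2014-6271 probe:        %s\n' "$(shellshock_status)"
printf 'exported-function variable: %s\n' "$(exported_function_var)"
```

Run it once before installing the RPMs and once afterwards: the first check should move from "vulnerable" to "not-vulnerable", and the second should report a BASH_FUNC_probe... name only on the patched binary. To check a bash that is not first on PATH, pass its full path as the argument to each function.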
4 Description
I originally intended to attach the bash patches, but unexpectedly the upload failed because it was flagged as an illegal upload.
This article is from the "Aerfa21_myhome" blog, make sure to keep this source http://aerfa21.blog.51cto.com/6656626/1608134