Analysis | Shellshock

Shellshock
Log In or Register to download the BES file, and more.

0 Votes

Description

This will look for the vulnerable version of bash in RHEL 5/6/7 x64 systems. This is fairly simple to modify if you are testing for a different distro or architecture.

Property Details

ID	2994719
Status	QA - Ready for Production Level Testing
Title	Shellshock
Domain	BESC
Keywords	Shellshock vulnverable
Added by	sinucus on 9/28/2014 5:46:26 PM
Last Modified by	sinucus on 9/28/2014 5:46:26 PM
Counters	4054 Views / 5 Downloads
User Rating	* Average over 0 ratings. ** Log In or Register to add your rating.

Properties

Bash version

Period Every Report

* Results in a true/false

rpm version record of package "bash" of rpm

Vulnerable

Period Every Report

* Results in a true/false

(
    (
        exists package "bash" whose
        (
            rpm version record of it < rpm package version record "4.1.2-15.el6_5.2" AND rpm version record of it > rpm package version record "4.1.0-0.el1_0.0" AND architecture of it = "x86_64"
        )
        of it AND
        (
            not exists package "bash" whose
            (
                rpm version record of it >= rpm package version record "4.1.2-15.el6_5.2" AND architecture of it = "x86_64"
            )
            of it
        )
    )
    OR
    (
        exists package "bash" whose
        (
            rpm version record of it < rpm package version record "3.2-33.el5_11.4" AND rpm version record of it > rpm package version record "3.2-0.el1_0.0" AND architecture of it = "x86_64"
        )
        of it AND
        (
            not exists package "bash" whose
            (
                rpm version record of it >= rpm package version record "3.2-33.el5_11.4" AND architecture of it = "x86_64"
            )
            of it
        )
    )
    OR
    (
        exists package "bash" whose
        (
            rpm version record of it < rpm package version record "4.2.45-5.el7_0.4" AND rpm version record of it > rpm package version record "4.2.0-0.el1_0.1" AND architecture of it = "x86_64"
        )
        of it AND
        (
            not exists package "bash" whose
            (
                rpm version record of it >= rpm package version record "4.2.45-5.el7_0.4" AND architecture of it = "x86_64"
            )
            of it
        )
    )
)
of rpm

((exists package "bash" whose (rpm version record of it < rpm package version record "4.1.2-15.el6_5.2" AND rpm version record of it > rpm package version record "4.1.0-0.el1_0.0" AND architecture of it = "x86_64") of it AND (not exists package "bash" whose (rpm version record of it >= rpm package version record "4.1.2-15.el6_5.2" AND architecture of it = "x86_64") of it)) OR (exists package "bash" whose (rpm version record of it < rpm package version record "3.2-33.el5_11.4" AND rpm version record of it > rpm package version record "3.2-0.el1_0.0" AND architecture of it = "x86_64") of it AND (not exists package "bash" whose (rpm version record of it >= rpm package version record "3.2-33.el5_11.4" AND architecture of it = "x86_64") of it)) OR (exists package "bash" whose (rpm version record of it < rpm package version record "4.2.45-5.el7_0.4" AND rpm version record of it > rpm package version record "4.2.0-0.el1_0.1" AND architecture of it = "x86_64") of it AND (not exists package "bash" whose (rpm version record of it >= rpm package version record "4.2.45-5.el7_0.4" AND architecture of it = "x86_64") of it))) of rpm

Relevance

Relevance 2999339

Used in 1 analsis

* Results in a true/false

exists file "/etc/redhat-release"

Sharing

Social Media:

Search for:	Relevance	Fixlets/Tasks
	Analyses	BFI Signatures
	Dashboard/Wizard

Title	Keywords	Description
Relevance	Domain	ActionScript
Mime	Signature Content	(clear all)


Content Search Share Learn Projects	Utilities View SCM Scripts Base64 Converter Shell to Action Script	About About Us Tour FAQ Terms Contact Us	BigFix Resources Download BigFix Support Forum Github/Bigfix

Shellshock Log In or Register to download the BES file, and more.

Description

Property Details

Properties

Relevance

Sharing

Comments

Content

Utilities

About

BigFix Resources

Shellshock
Log In or Register to download the BES file, and more.