Bash vulnerability explained, with fixes for CentOS 5/6 and RHEL 5/6

Red Hat's description of the flaw: A flaw was found in the way Bash evaluated certain specially crafted environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.

In short: an attacker can use this flaw to bypass environment restrictions and execute shell commands, and some services and applications let unauthenticated remote attackers supply environment variables. To test a system, run:

$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If the output is the two lines below, bash is vulnerable and should be upgraded as soon as possible (a patched bash prints only the second line):

vulnerable
this is a test

Official CentOS and Red Hat notes on the updated packages:
http://lists.centos.org/pipermail/centos/2014-September/146099.html
https://access.redhat.com/site/solutions/1207723

SHA-256 checksums of the packages:
i386:
39f53e854969bb0bcbb280bf6581ec5857c086cdd727adc5eec9b7a9b7dcd0a6  bash-3.2-33.el5.1.i386.rpm
x86_64:
336202c14095622471275b4c4d55d49f16ee065d4f77dcef4ae5479cc67e11ad  bash-3.2-33.el5.1.x86_64.rpm
Source:
c8ccac8652d7b44531ab0a76c6eb9b0209dcd1dddf149fb182d0471206704217  bash-3.2-33.el5.1.src.rpm
CentOS 5.x

Run one of the two commands for your architecture (they fetch the same package from different mirrors).

x86_64 (64-bit) systems:
rpm -Uvh http://mirrors.aliyun.com/centos/5/updates/x86_64/RPMS/bash-3.2-33.el5.1.x86_64.rpm
rpm -Uvh http://mirrors.163.com/centos/5/updates/x86_64/RPMS/bash-3.2-33.el5.1.x86_64.rpm

i386 (32-bit) systems:
rpm -Uvh http://mirrors.163.com/centos/5/updates/i386/RPMS/bash-3.2-33.el5.1.i386.rpm
rpm -Uvh http://mirrors.aliyun.com/centos/5/updates/i386/RPMS/bash-3.2-33.el5.1.i386.rpm

CentOS 6.x

x86_64 (64-bit) systems:
rpm -Uvh http://mirrors.aliyun.com/centos/6/updates/x86_64/Packages/bash-4.1.2-15.el6_5.1.x86_64.rpm
rpm -Uvh http://mirrors.163.com/centos/6/updates/x86_64/Packages/bash-4.1.2-15.el6_5.1.x86_64.rpm

i386 (32-bit) systems:
rpm -Uvh http://mirrors.aliyun.com/centos/6/updates/i386/Packages/bash-4.1.2-15.el6_5.1.i686.rpm
rpm -Uvh http://mirrors.163.com/centos/6/updates/i386/Packages/bash-4.1.2-15.el6_5.1.i686.rpm
After the upgrade, rpm reports the following:
[root@i-bdojdcci ~]# rpm -qi bash
Name        : bash                          Relocations: (not relocatable)
Version     : 4.1.2                         Vendor: CentOS
Release     : 15.el6_5.1                    Build Date: Wed 24 Sep 2014 10:45:54 PM CST
Install Date: Fri 26 Sep 2014 09:20:01 AM CST      Build Host: c6b8.bsys.dev.centos.org
Group       : System Environment/Shells     Source RPM: bash-4.1.2-15.el6_5.1.src.rpm
Size        : 3139483                       License: GPLv3+
Signature   : RSA/SHA1, Wed 24 Sep 2014 10:49:58 PM CST, Key ID 0946fca2c105b9de
Packager    : CentOS BuildSystem <http://bugs.centos.org>
URL         : http://www.gnu.org/software/bash
Summary     : The GNU Bourne Again shell
Description :
The GNU Bourne Again shell (Bash) is a shell or command language
interpreter that is compatible with the Bourne shell (sh). Bash
incorporates useful features from the Korn shell (ksh) and the C shell
(csh). Most sh scripts can be run by bash without modification.
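Added example, not code from the original post: a small POSIX shell script that turns the post's two manual steps into functions, the probe command (whose output becomes a status word) and a SHA-256 check of a downloaded package against an expected digest before running rpm -Uvh. The function names are my own, and the package path and digest in the usage comment are placeholders, not real values.

```shell
#!/bin/sh
# Added example, not from the original post: scriptable form of the post's two
# manual steps, (1) run the probe and classify its output, and (2) verify a
# downloaded RPM against an expected SHA-256 digest before `rpm -Uvh`.

# The probe from the post. An unpatched bash runs the trailing `echo vulnerable`
# while importing the function definition from the environment; a patched bash
# only runs the command given with -c.
run_probe() {
    # $1 = bash binary to test (defaults to the bash found on PATH)
    env x='() { :;}; echo vulnerable' "${1:-bash}" -c 'echo this is a test' 2>/dev/null
}

# Map probe output to a status word (pure function, testable on constructed
# output): "vulnerable", "patched", or "unknown" (no output, e.g. bash missing).
classify_probe_output() {
    case "$1" in
        *vulnerable*)       echo vulnerable ;;
        *"this is a test"*) echo patched ;;
        *)                  echo unknown ;;
    esac
}

# Prints the status word for the given bash binary; exit status is always 0.
shellshock_status() {
    classify_probe_output "$(run_probe "${1:-bash}")"
}

# SHA-256 of a file, using whichever tool is installed.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# $1 = path to the downloaded .rpm, $2 = expected digest from the advisory of the
# vendor that built that package. Returns 0 on match, 1 on mismatch/unreadable file.
verify_rpm_checksum() {
    [ -r "$1" ] || return 1
    [ "$(sha256_of "$1")" = "$2" ]
}

# Typical use (placeholders: replace with the downloaded file and its published digest):
#   verify_rpm_checksum ./bash-VERSION.rpm EXPECTED_DIGEST && rpm -Uvh ./bash-VERSION.rpm
echo "bash on PATH: $(shellshock_status)"
```

Take the expected digest from the vendor that built the file you downloaded: a package rebuilt under the same file name by a different vendor (CentOS versus Red Hat) will not share a digest. The probe only detects the environment-variable flaw described in the post, so a "patched" result means that specific behaviour is fixed, not that bash is at the latest release.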
