Différences

Cette page vous donne les différences entre la révision choisie et la version actuelle de la page.

Lien vers cette vue

bash-fix [Le 30/01/2019 à 16:36]
jaxom déplacement
— (Version actuelle)
Ligne 1: Ligne 1:
  
-#shellshock fix from sources 
- 
-If like me you maintain Gnu systems that are no longer maintained from the official depositories, 
-thanks to the free software model we are able to solve that issue. 
- 
-Based on: http://readwrite.com/2014/09/26/macs-apple-vulnerable-shellshock-bug-fix-patch 
- 
-Dependencies: 
-  * gcc 
-  * patch 
-  * curl 
- 
- 
-====== Bash 4.3 fix ====== 
- 
-<code> 
-# yes you are vulnerable 
-which bash 
- 
-env x='() { :;}; echo vulnerable' /bin/bash -c "echo you are" 
- 
-bash --version  
-cd 
-mkdir -p bash-fix 
-cd bash-fix 
-curl http://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz | tar xzvf - 
-cd bash-4.3/ 
-# could patch only with the 8 but let's apply all 
-for num in 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26; do  
-  curl http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-0$num | patch -p0 
-done 
-./configure 
-make 
- 
-# No more vulnerable! 
-env x='() { :;}; echo vulnerable' ./bash -c "echo you are" 
- 
-# replacing buggy binary bash 
-cp -f ./bash /bin/bash 
-env x='() { :;}; echo vulnerable' /bin/bash -c "echo you are" 
-</code> 
- 
-====== Bash 2.05b fix ====== 
- 
-<code> 
-# yes you are vulnerable 
-which bash 
- 
-env x='() { :;}; echo vulnerable' /bin/bash -c "echo you are" 
- 
-bash --version  
-cd 
-mkdir -p bash-fix 
-cd bash-fix 
-curl http://ftp.gnu.org/gnu/bash/bash-2.05b.tar.gz | tar xzvf - 
-cd bash-2.05b/ 
-# could patch only with the 8 but let's apply all 
-for num in 1 2 3 4 5 6 7 8 9; do curl http://ftp.gnu.org/gnu/bash/bash-2.05b-patches/bash205b-00$num | patch -p0 ; done 
-./configure 
-make 
- 
-# No more vulnerable! 
-env x='() { :;}; echo vulnerable' ./bash -c "echo you are" 
- 
-# replacing buggy binary bash 
-cp -f ./bash /bin/bash 
-env x='() { :;}; echo vulnerable' /bin/bash -c "echo you are" 
-</code> 
- 
-====== Bash bash-3.2 fix ====== 
- 
-<code> 
-# yes you are vulnerable 
- 
-which bash 
-env x='() { :;}; echo vulnerable' /bin/bash -c "echo you are" 
- 
-bash --version  
-cd 
-mkdir -p bash-fix 
-cd bash-fix 
-curl http://ftp.gnu.org/gnu/bash/bash-3.2.48.tar.gz | tar xzvf - 
-cd bash-3.2.48/ 
-# could patch only with the 52 but let's apply all 
-for num in 49 50 51 52 53; do curl http://ftp.gnu.org/gnu/bash/bash-3.2-patches/bash32-0$num | patch -p0 ; done 
-./configure 
-make 
- 
-# No more vulnerable 
-env x='() { :;}; echo vulnerable' ./bash -c "echo you are" 
- 
-# replacing buggy binary bash 
-cp -f ./bash /bin/bash 
-env x='() { :;}; echo vulnerable' /bin/bash -c "echo you are" 
-</code> 
 
    Haut de page
Recent changes RSS feed Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki Design by Chirripó