Mitigating shellshock vulnerability (CVE-2014-6271 CVE-2014-7169)
Regole Mod_security: SecRule REQUEST_HEADERS "^\(\s*\)\s+{" "phase:1,deny,id:1000000,t:urlDecode,status:400,log,msg:'CVE-2014-6271 - Bash Attack'" SecRule REQUEST_LINE "^\(\s*\)\s+{"...
View ArticleShellShock bash patch source
# www.mondounix.com - ShellShock bash patch source mkdir /tmp/bash cd /tmp/bash wget http://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz for i in $(seq -f "%03g" 0 30); do wget...
View ArticleDNS Reverse Lookup Shellshock
Security Advisory DNS Reverse Lookup as a vector for the Bash vulnerability (CVE-2014-6271 et.al.) CVE-2014-3671 references: CVE-2014-6271, CVE-2014-7169, CVE-2014-6277, CVE-2014-6278...
View Articlebashcheck local shellshock checker
#!/bin/bash warn() { if [ "$scary" == "1" ]; then echo -e "\033[91mVulnerable to $1\033[39m" else echo -e "\033[93mFound non-exploitable $1\033[39m" fi } good() { echo -e "\033[92mNot vulnerable...
View Article
