How to fix the critical Linux Bash vulnerability

On September 25 a very serious security vulnerability was found in Bash, the shell built into Linux (vulnerability reference: https://access.redhat.com/security/cve/CVE-2014-6271 ). Attackers can use this Bash flaw to take complete control of a target system and launch further attacks. Since the company has two Aliyun servers, I patched them urgently; Aliyun published a detailed fix (patch guide: http://bbs.aliyun.com/read/176977.html):

【Patch procedure】

  1. Take a snapshot of the cloud server first, so that the operation cannot end in a disaster such as data loss
  2. Confirm the Linux distribution and version, and look up the matching script in the patch guide
  3. Log in to the server as root: ssh root@[server ip]
  4. Run the fix script
  5. Shut down and go to sleep

【What I actually did】

// log in to the server
Marshall-MBP:~ Marshall$ ssh [email protected]
[email protected]'s password:
Last login: Mon Sep  1 14:50:28 2014 from xxx.xxx.xxx.xxx

Welcome to aliyun Elastic Compute Service!

-bash: warning: setlocale: LC_CTYPE: cannot change locale (UTF-8): No such file or directory

// the host runs CentOS, so update with yum
[[email protected] ~]# yum -y update bash
Failed to set locale, defaulting to C
Loaded plugins: fastestmirror
Determining fastest mirrors
 * base: mirrors.neusoft.edu.cn
 * extras: mirrors.btte.net
 * updates: mirror.neu.edu.cn
base                                                     | 3.7 kB     00:00
extras                                                   | 3.3 kB     00:00
extras/primary_db                                        |  19 kB     00:00
updates                                                  | 3.4 kB     00:00
updates/primary_db                                       | 5.3 MB     00:22
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package bash.x86_64 0:4.1.2-15.el6_4 will be updated
---> Package bash.x86_64 0:4.1.2-15.el6_5.1 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

========================================================================================
 Package         Arch              Version                     Repository          Size
========================================================================================
Updating:
 bash            x86_64            4.1.2-15.el6_5.1            updates            905 k

Transaction Summary
========================================================================================
Upgrade       1 Package(s)

Total download size: 905 k
Downloading Packages:
bash-4.1.2-15.el6_5.1.x86_64.rpm                                 | 905 kB     00:01
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Updating   : bash-4.1.2-15.el6_5.1.x86_64                                         1/2
  Cleanup    : bash-4.1.2-15.el6_4.x86_64                                           2/2
  Verifying  : bash-4.1.2-15.el6_5.1.x86_64                                         1/2
  Verifying  : bash-4.1.2-15.el6_4.x86_64                                           2/2

Updated:
  bash.x86_64 0:4.1.2-15.el6_5.1

Complete!

// after the update, run the test command again: fixed
[[email protected] ~]# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test
[[email protected] ~]#


Everything below is background information on the bug from Aliyun; it does not matter much whether you read it, since the part that matters most, the fix, is all above:

【Software and systems confirmed to be exploitable】
All Linux operating systems with GNU bash version 4.3 or lower installed.

【Vulnerability description】
The vulnerability stems from specially crafted environment variables created before the bash shell is invoked; these variables can contain code, which bash then executes.

【Detection method】
Detection command: env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

Before the fix
Output:
vulnerable
this is a test

After applying the patch
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test
Special note: the fix has no impact otherwise, but if your scripts define environment variables in the way shown above, they will report errors once the fix is applied.
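As an added example (not part of the original post or Aliyun's guide), the detection command above wrapped in a small POSIX sh checker: it classifies the result, flags the case where the test is accidentally run under a /bin/sh that is not bash (where a clean result proves nothing), and prints the bash version so it can be matched against the fixed package. The function names are my own.

```shell
#!/bin/sh
# Added example, not from the original post or Aliyun's guide. Function
# names (classify_shellshock_output, check_shellshock, report_bash_version)
# are assumptions of this example.

# Classify the stdout of the detection command. An unpatched bash imports
# the variable as a function and also runs the trailing 'echo vulnerable',
# so the marker appears as a line of its own; a patched bash rejects the
# import (warning on stderr) and only the real command's output remains.
classify_shellshock_output() {
    if printf '%s\n' "$1" | grep -qx 'vulnerable'; then
        echo vulnerable
    else
        echo patched
    fi
}

# Run the test against one shell binary (default: bash) and print a verdict:
#   vulnerable | patched | not-bash | missing
# Exit status is 0 only for "patched". The not-bash case matters because
# running the test under dash or another /bin/sh says nothing about bash.
check_shellshock() {
    shell_bin="${1:-bash}"
    if ! command -v "$shell_bin" >/dev/null 2>&1; then
        echo missing; return 2
    fi
    if [ -z "$("$shell_bin" -c 'echo "$BASH_VERSION"' 2>/dev/null)" ]; then
        echo not-bash; return 2
    fi
    # Same command as in the post; only stdout is needed for the verdict,
    # the "ignoring function definition attempt" warning goes to stderr.
    out=$(env x='() { :;}; echo vulnerable' "$shell_bin" -c 'echo this is a test' 2>/dev/null)
    verdict=$(classify_shellshock_output "$out")
    echo "$verdict"
    [ "$verdict" = patched ]
}

# Print the bash build so the verdict can be matched against the vendor's
# fixed package (4.1.2-15.el6_5.1 on the CentOS 6 host in the post).
report_bash_version() {
    "${1:-bash}" -c 'echo "$BASH_VERSION"' 2>/dev/null || echo unknown
}

echo "bash version: $(report_bash_version bash)"
echo "CVE-2014-6271: $(check_shellshock bash)"
```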


References:

Linux Bash vulnerability reference

Urgent notice on fixing the critical Linux Bash vulnerability
