Bash vulnerability in Solaris 10

Similar Messages

• [CVE-2014-6271] IronPort appliances affected by recent bash vulnerability?

  http://threatpost.com/major-bash-vulnerability-affects-linux-unix-mac-os-x
  Discussion?

  Cisco has issued an official PSIRT notice for the GNU Bash Environmental Variable Command Injection Vulnerability (CVE-2014-6271), please refer all inquiries to:
  http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash
  Please refer to the expanded "Affected Products".
  The following Cisco products are currently under investigation:
  Cable Modems
  Cisco CWMS
  Network Application, Service, and Acceleration
  Cisco ACE GSS 4400 Series Global Site Selector
  Cisco ASA
  Cisco GSS 4492R Global Site Selector
  Network and Content Security Devices
  Cisco IronPort Encryption Appliance
  Cisco Ironport WSA
  Routing and Switching - Enterprise and Service Provider
  Cisco ACE Application Control Engine Module for the Cisco Catalyst 6500
  Cisco ISM
  Cisco NCS6000
  Voice and Unified Communications Devices
  Cisco Finesse
  Cisco MediaSense
  Cisco SocialMiner
  Cisco Unified Contact Center Express (UCCX)
  Products and services listed in the subsections below have had their exposure to this vulnerability confirmed. Additional products will be added to these sections as the investigation continues.

• Contact Center Express GNU Bash vulnerability CSCur02861

  Cisco Security Advisory notes that Contact Center Express is affected by GNU bash vulnerability  [CSCur02861] . But this bug report is not public available. does anyone have information which versions are affected?

  8.0(2)SU5
  NO patch  as it has reached End of SW Maintenance Releases Date
  8.5(1)SU4
  http://software.cisco.com/download/release.html?mdfid=283625051&flowid=46059&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest
  9.0(1)
  http://software.cisco.com/download/release.html?mdfid=284367996&flowid=46061&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest
  9.0(2)SU2
  http://software.cisco.com/download/release.html?mdfid=284666782&flowid=46062&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest
  10.0(1)SU1
  http://software.cisco.com/download/release.html?mdfid=285000761&flowid=49042&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest10.5(1)SU1
  http://software.cisco.com/download/release.html?mdfid=286265496&flowid=70402&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest
  10.5(1)SU1
  http://software.cisco.com/download/release.html?mdfid=286265496&flowid=70402&softwareid=280840578&release=Security_Patches&relind=AVAILABLE&rellifecycle=&reltype=latest

• NX-OS ( n7000-s1-dk9.5.1.3.bin ) BASH VULNERABILITY - CVE-2014-6271 and CVE-2014-7169

  Hi ,
  Nexus 7000 evaluation for CVE-2014-6271 and CVE-2014-7169 , I am referring below link to check for NX OS  - n7000-s1-dk9.5.1.3.bin
  https://tools.cisco.com/bugsearch/bug/CSCur04856
  5.1.3 is not mentioned in the affected list.Need help to know if 5.1 is affected with BASH Vulnerability .
  Thanks for help in advance .

  The concern with the bash shell is that services MAY be setup to run as
  users which use those shells, and therefore be able to have things
  injected into those shells. Nothing on NetWare uses bash by default,
  because NetWare is not anything like Linux/Unix in its use of shells.
  Sure, you can load bash for fun and profit on NetWare, but unless you
  explicitly request it the bash.nlm file is never used. On NetWare I do
  not think it is even possible to have any normal non-Bash environment
  variable somehow be exported/inherited into a bash shell, though I've
  never tried.
  Good luck.
  If you find this post helpful and are logged into the web interface,
  show your appreciation and click on the star below...

• Bash issue on solaris 8 ( Segmentation fault for non root users)

  Hi,
  This is solaris 8 on sparc and a NFS file server for the NIS+ environment. As supposed to be this file server is nis+ client.
  Now this issue happens only sometimes and goes away on its own but it did not this time.
  I connect to file server using ssh, system closes my session,
  this is ssh -vvv log , copied here : http://pastebin.ca/1633893Please note that my shell is /bin/bash. It worked 99% time but not now, nothing is changed on system.
  If I ssh root@fileserver then ssh connection works fine. root can also run bash command. and run other commands in bash
  For a normal user with csh if the user tries "bash" , then gets
  user@fileserver%> bash
  Segmentation Fault
  I am thinking this is somewhere related to rpc but I do not see any errors on nis+ server nor on fileserver.
  %>truss bash o/p is here :
  http://pastebin.ca/1633907Please let me know what is this issue related to. If by stopping/restarting a process helps that would be great.
  one more thing to note is, other nis+ clients can mount shares from this fileserver properly and authentication also works fine on them even for users with /bin/bash shell and bash does work manually also.
  If you need any other info, please let me know
  Please help!
  Thanks!

  Anyone any idea? I thought the truss o/p copied in pastebin might be very useful
  Additional info, for someone with /bin/tcsh as shell, when su - <user> from root account, following messages come up
  free(4b31688) bad block. (memtop = 4b7e400 membot = 9c9a0)
  free(4b31688) bad block. (memtop = 4b7e400 membot = 9c9a0)
  free(4b316c8) bad block. (memtop = 4b7e400 membot = 9c9a0)
  free(4b316c8) bad block. (memtop = 4b7e400 membot = 9c9a0)
  free(4b31448) bad block. (memtop = 4b7ec00 membot = 9c9a0)
  free(4b31448) bad block. (memtop = 4b7ec00 membot = 9c9a0)
  free(49fca08) bad block. (memtop = 4b7f400 membot = 9c9a0)
  free(49fca08) bad block. (memtop = 4b7f400 membot = 9c9a0)$ truss -f -t stat,open /bin/bash
  http://pastebin.ca/1635134

• Re : teardrop vulnerability in Solaris 8 SPARC

  CONFIG :
  NETRA X1
  SOLARIS 8
  Currently we are stress testing a firewall and DMZ config using Nessus. Nessus crashed my web server ( config above ) and reported that the cause was a vulnerablilty to the teardrop ip-frag DoS attack. Isn't this an old attack ? If any knows what patch for Solaris 8 exists to patch this vulnerability please respond. I am too new to sunsolve etc.. to figure out how to find the patch .
  Thanks
  MJ

  Have you set filec=on ?
  Steve - SunDTS

• Differences in writting bash-script in Solaris and in RHEL?

  I wrote a script 'checkinstall' as follow and it works fine by RHEL:
  [code]
  #!/bin/sh
  HOSTNAME=hostname
  echo $HOSTNAME
  if [ $HOSTNAME == "S001AP99-TEST" ]; then
      echo This is the wrong machine.\
      echo "\nAbouting installation.\n\n"
      exit 1
  fi
  exit 0
  [/code]
  But when I run this by Solaris I got:
  # ./checkinstall
  hostname
  ./checkinstall: test: unknown operator ==
  I changed the line HOSTNAME=hostname to HOSTNAME=`hostname` and it outputs the correct hostname.
  But I still get error:
  # ./checkinstall
  S001AP99-TEST
  ./checkinstall: test: unknown operator ==

  If you want to create bash scripts, then the first step is to set the right shell in the first line => #!/bin/bash
  Then, after this important step, you can try if this works. Oh surprise, it's working.

• Updating bash version in solaris

  Hello guys,
  Currently my bash version is 3.0.(solaris 10 release 09/10). I want to upgrade it to bash 4.2.
  Could anybody suggest me the procedure ?
  -Thank You IA-

  Thanks Nik for your suggestion. But see the below errors i am getting while running the configure script. Please suggest how to proceed.
  bash-3.00# cd /Desktop/bash-4.2
  bash-3.00# ./configure
  checking build system type... i386-pc-solaris2.10
  checking host system type... i386-pc-solaris2.10
  Beginning configuration for bash-4.2-release for i386-pc-solaris2.10
  checking for gcc... no
  checking for cc... no
  checking for cl.exe... no
  configure: error: in `/Desktop/bash-4.2':
  configure: error: no acceptable C compiler found in $PATH
  See `config.log' for more details.
  bash-3.00#
  I can see the gcc package in installed in my machine. Then why this ? Please have a look .
  Thanks
  Subhrajit

• Bash vulnerability bash CVE-2014-6271 on Cisco devices

  Hi, all,
  Anybody know whether any Cisco devices are vulnerable to  recent bash CVE-2014-6271? I am especially concerned about ASA which opens https to the public.
  Thanks,

  Have a look here: 
  http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_Bash_09252014.html
  and here:
  http://tools.cisco.com/security/center/mcontent/CiscoSecurityAdvisory/cisco-sa-20140926-bash
  Under affected products. 

• CUCM GNU BASH vulnerability

  Hi
  Cisco advisory states that versions 9.0, and 9.1 are vulnerable and a fix (9.1(2.13060.1)) is available however I do not see this file available on the downloads page. 
  https://software.cisco.com/download/release.html?mdfid=284510097&flowid=45900&softwareid=282074295&release=9.1(2)SU2a&relind=AVAILABLE&rellifecycle=&reltype=latest
  does anyone know where is this upgrade file available?

  The Readme document of the CUCM IM&P 10.5 Bash Environment Variable Patch.
  http://software.cisco.com/download/release.html?mdfid=286269517&flowid=50462&softwareid=282074312&release=UTILS&relind=AVAILABLE&rellifecycle=&reltype=latest (registered users only)
  states :
  This package will install on the following System Versions: 
    - 8.6.4.10000-28 or any higher version starting with 8.6.4.xxxxx 
   - 8.6.5.10000-12 or any higher version starting with 8.6.5.xxxxx
   - 9.1.1.10000-8 or any higher version starting with 9.1.1.xxxxx 
   - 10.0.1.10000-26 or any higher version starting with 10.0.1.xxxxx 
   - 10.5.1.10000-9 or any higher version starting with 10.5.1.xxxxx 
  So the answer for you is : you should have at least/upgrade to 8.6.4.10000-28 and then apply the patch.
  Regards.

• CSCuq98748- Bash Vulnerability

  All current versions of NX-OS on this platform are affected unless otherwise stated.
  unless otherwise stated ..
  so you mean only the following 9 Releases are affected?
  4.2(8)
  5.2(9)
  5.2(9a)S3
  6.1(5)
  6.2(6)
  6.2(8a)
  7.0(2)
  7.1(0)ZN(91.98)
  7.1(0)ZN(91.99)

     Yes they are vulnerable if you are using a certain version of code . The 5k's have 3 different versions that are vulnerABLE and the 7k's have one version  6.2.6 which is vulnerable.
  5K info
  Last Modified:
  Sep 29,2014
  Status:
  Open
  Severity:
  2 Severe
  Product:
  Cisco Nexus 5000 Series Switches
  Support Cases:
  0
  Known Affected Releases:
  (3)
  5.2(1)N1(8a)
  6.0(2)N2(5)
  7.0(3)N1(0.125)
  Known Fixed Releases:
  (0)
  Download software for  Cisco Nexus 5000 Series Switches
  Support Cases:
  (0)
  Support case links are not customer visible
  -->
  Related Bugs
  Bug(s)
  -->
  Community Discussion on CSCur05017 - Cisco Support Community

• Install Guide for the Patch CSCur04820 (Bash Vulnerability)

  Dear Community,
  is there a documentation for the installation of patch CSCur04820 on Prime Collaboration Assurance 10.5.1? In the software downloads sections, there is no readme file provided.
  Your answers are greatly appreciated.
  Best regards
  Igor

  Duplicate
  https://supportforums.cisco.com/discussion/12415666/install-guide-patch-cscur04820-bash-vulnerability

• Community Discussion on CSCuq98748- Bash Vulnerability

  Hi, Is Nexus 7K and 5K are open to Shellshock vulnerable?
  can you please confirm

     Yes they are vulnerable if you are using a certain version of code . The 5k's have 3 different versions that are vulnerABLE and the 7k's have one version  6.2.6 which is vulnerable.
  5K info
  Last Modified:
  Sep 29,2014
  Status:
  Open
  Severity:
  2 Severe
  Product:
  Cisco Nexus 5000 Series Switches
  Support Cases:
  0
  Known Affected Releases:
  (3)
  5.2(1)N1(8a)
  6.0(2)N2(5)
  7.0(3)N1(0.125)
  Known Fixed Releases:
  (0)
  Download software for  Cisco Nexus 5000 Series Switches
  Support Cases:
  (0)
  Support case links are not customer visible
  -->
  Related Bugs
  Bug(s)
  -->
  Community Discussion on CSCur05017 - Cisco Support Community

• Fix for GNU bash vulnerability CSCur05454 in Instant Messaging & presence server available?

  Hello,
  bug reports says 'Status: fixes' but I cannot find a patch for IM&P.
  any information abaout that?
  Juergen

  The Readme document of the CUCM IM&P 10.5 Bash Environment Variable Patch.
  http://software.cisco.com/download/release.html?mdfid=286269517&flowid=50462&softwareid=282074312&release=UTILS&relind=AVAILABLE&rellifecycle=&reltype=latest (registered users only)
  states :
  This package will install on the following System Versions: 
    - 8.6.4.10000-28 or any higher version starting with 8.6.4.xxxxx 
   - 8.6.5.10000-12 or any higher version starting with 8.6.5.xxxxx
   - 9.1.1.10000-8 or any higher version starting with 9.1.1.xxxxx 
   - 10.0.1.10000-26 or any higher version starting with 10.0.1.xxxxx 
   - 10.5.1.10000-9 or any higher version starting with 10.5.1.xxxxx 
  So the answer for you is : you should have at least/upgrade to 8.6.4.10000-28 and then apply the patch.
  Regards.

• CVE-2014-6271 bash vulnerability

  more info on this here:
  http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271
  http://www.reddit.com/r/sysadmin/comments/2hc5rk/cve20146271_remote_code_executi on_through_bash/
  I'm assuming Apple will release a security update for this on supported versions of the Mac OS but in the meantime, is there a fix that we can apply?   What is an easy way to patch this on older OS versions that Apple is no longer supporting?    (perhaps something short of recompiling bash)

  I had foolishly imagined that the update to "Command Line Tools (OS X 10.9)" released (I thought?) today would fix this. It does not. The referenced fixes do, although, as sjabour said, don't just run those blindly: understand what they do.
  As an aside, after patching other Unix systems I care for, I also changed all users' (and, on Linux, root's) shells to something else (I like Zsh, although that may not be right for root in all cases). On Darwin, root's shell is "/bin/sh", but, as with most Linux distributions, that's actually just bash. You absolutely can execute Zsh as sh, and have it behave as an sh-alike, so if you aren't comfortable with patching and rebuilding, but are comfortable with basic SA practice (or you just don't have XCode for whatever reason), you could replace the bash /bin/sh with a hard link to /bin/zsh instead, like this:
  % cd /bin
  % sudo ln sh sh-real
  % sudo ln -f zsh sh
  % ls -li sh* zsh
    334241 -rwxr-xr-x  2 root  wheel   530320 Oct 31  2013 sh
     11118 -r-xr-xr-x  1 root  wheel   942308 Sep 24 23:53 sh-real
  18050387 ----------  1 root  wheel  1228304 Sep 24 23:51 sh.CVE-2014-6271
    334241 -rwxr-xr-x  2 root  wheel   530320 Oct 31  2013 zsh
  % sudo su -
  # echo $SHELL
  /bin/sh
  # /bin/sh --version
  zsh 5.0.2 (x86_64-apple-darwin13.0)