"CVE-2014-6271 쉘쇼크 Bash 취약점 조치"의 두 판 사이의 차이

2020년 11월 2일 (월) 00:55 기준 최신판

✔️ CentOS 5 + bash 3.2, CentOS 6 + bash 4.1.2, CentOS 7 + bash 4.2.45에서 테스트하였습니다.

1 개요[ | ]

shellshock
[CVE-2014-6271] GNU Bash 원격코드 인젝션 취약점 확인 및 조치
2014년 9월 Bourne Again Shell(Bash) 취약점 보안 업데이트
쉘쇼크, 셸쇼크, 쉘쇼크 해결방법, 조치방법

CentOS 6: bash-4.1.2-15.el6_4.x86_64 → bash-4.1.2-15.el6_5.2.x86_64
CentOS 7: bash-4.2.45-5.el7.x86_64 → bash-4.2.45-5.el7_0.4.x86_64

2 확인방법[ | ]

Bash

Copy

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

Bash

Copy

rm -f echo; env X='() { (a)=>\' sh -c "echo date"; cat echo

Bash

Copy

(for x in {1..200} ; do echo "for x$x in ; do :"; done; for x in {1..200} ; do echo done ; done) | bash ||
echo "CVE-2014-7187 vulnerable, word_lineno"

3 확인 1 (취약)[ | ]

Console

Copy

[root@zetawiki ~]# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
vulnerable
this is a test

→ echo vulnerable이 수행되었으므로 취약함

Console

Copy

[root@zetawiki ~]# rm -f echo; env X='() { (a)=>\' sh -c "echo date"; cat echo
sh: X: line 1: syntax error near unexpected token `='
sh: X: line 1: `'
sh: error importing function definition for `X'
Sun Feb 15 18:41:31 KST 2015

→ date 명령어가 실행되고 echo 파일이 생성되었으므로 취약함

Console

Copy

[root@zetawiki ~]# (for x in {1..200} ; do echo "for x$x in ; do :"; done; for x in {1..200} ; do echo done ; done) | bash ||
> echo "CVE-2014-7187 vulnerable, word_lineno"
bash: line 129: syntax error near `x129'
bash: line 129: `for x129 in ; do :'
CVE-2014-7187 vulnerable, word_lineno

→ echo ... 명령어가 수행되었으므로 취약함

4 Bash 버전 확인[ | ]

Bash 버전 확인 문서를 참고하십시오.

Console

Copy

[root@zetawiki ~]# rpm -qa | grep bash
bash-3.2-32.el5

Console

Copy

[root@zetawiki ~]# rpm -qa | grep bash
bash-4.1.2-15.el6_4.x86_64

5 Bash 업데이트[ | ]

Console

Copy

[root@zetawiki ~]# yum update bash
... (생략)
================================================================
 Package    Arch         Version               Repository  Size
================================================================
Updating:
 bash       x86_64       4.1.2-29.el6          base       907 k

Transaction Summary
================================================================
Upgrade       1 Package(s)

Total download size: 907 k
Is this ok [y/N]: y

Console

Copy

... (생략)
Updated:
  bash.x86_64 0:4.1.2-29.el6                                    

Complete!

6 확인 2 (안전)[ | ]

Console

Copy

[root@zetawiki ~]# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
this is a test

Console

Copy

[root@zetawiki ~]# rm -f echo; env X='() { (a)=>\' sh -c "echo date"; cat echo
date
cat: echo: No such file or directory

Console

Copy

[root@zetawiki ~]# (for x in {1..200} ; do echo "for x$x in ; do :"; done; for x in {1..200} ; do echo done ; done) | bash ||
> echo "CVE-2014-7187 vulnerable, word_lineno"

7 같이 보기[ | ]

8 참고[ | ]

@@ 1번째 줄: / 1번째 줄: @@
-{{테스트|CentOS 5, bash 3.2}}
+{{테스트|CentOS 5 + bash 3.2, CentOS 6 + bash 4.1.2, CentOS 7 + bash 4.2.45}}
 ==개요==
 ;shellshock
 ;[CVE-2014-6271] GNU Bash 원격코드 인젝션 취약점 확인 및 조치
 ;2014년 9월 Bourne Again Shell(Bash) 취약점 보안 업데이트
-;쉘쇼크, 쉘쇼크 조치방법
+;쉘쇼크, 셸쇼크, 쉘쇼크 해결방법, 조치방법
+*CentOS 6: bash-4.1.2-15.el6_4.x86_64 → bash-4.1.2-15.el6_5.2.x86_64
+*CentOS 7: bash-4.2.45-5.el7.x86_64 → bash-4.2.45-5.el7_0.4.x86_64
 ==확인방법==
-<source lang='bash'>
+<syntaxhighlight lang='bash'>
 env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
-</source>
+</syntaxhighlight>
-<source lang='bash'>
+<syntaxhighlight lang='bash'>
 rm -f echo; env X='() { (a)=>\' sh -c "echo date"; cat echo
-</source>
+</syntaxhighlight>
-<source lang='bash'>
+<syntaxhighlight lang='bash'>
 (for x in {1..200} ; do echo "for x$x in ; do :"; done; for x in {1..200} ; do echo done ; done) | bash ||
 echo "CVE-2014-7187 vulnerable, word_lineno"
-</source>
+</syntaxhighlight>
 ==확인 1 (취약)==
-<source lang='text'>
+<syntaxhighlight lang='console'>
-[root@jmnote ~]# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
+[root@zetawiki ~]# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
 vulnerable
 this is a test
-</source>
+</syntaxhighlight>
 :→ <code>echo vulnerable</code>이 수행되었으므로 취약함
-<source lang='text'>
+<syntaxhighlight lang='console'>
-[root@jmnote ~]# rm -f echo; env X='() { (a)=>\' sh -c "echo date"; cat echo
+[root@zetawiki ~]# rm -f echo; env X='() { (a)=>\' sh -c "echo date"; cat echo
 sh: X: line 1: syntax error near unexpected token `='
 sh: X: line 1: `'
 sh: error importing function definition for `X'
-</source>
+Sun Feb 15 18:41:31 KST 2015
-:→ date 명령어가 실행되고 /tmp/echo 파일이 생성되었으므로 취약함
+</syntaxhighlight>
-<source lang='text'>
+:→ date 명령어가 실행되고 echo 파일이 생성되었으므로 취약함
-[root@jmnote ~]# (for x in {1..200} ; do echo "for x$x in ; do :"; done; for x in {1..200} ; do echo done ; done) | bash ||
+<syntaxhighlight lang='console'>
+[root@zetawiki ~]# (for x in {1..200} ; do echo "for x$x in ; do :"; done; for x in {1..200} ; do echo done ; done) | bash ||
 > echo "CVE-2014-7187 vulnerable, word_lineno"
 bash: line 129: syntax error near `x129'
 bash: line 129: `for x129 in ; do :'
 CVE-2014-7187 vulnerable, word_lineno
-</source>
+</syntaxhighlight>
 :→ echo ... 명령어가 수행되었으므로 취약함
 ==Bash 버전 확인==
 {{참고|Bash 버전 확인}}
-<source lang='dos'>
+<syntaxhighlight lang='console'>
-[root@jmnote tmp]# rpm -qa | grep bash
+[root@zetawiki ~]# rpm -qa | grep bash
 bash-3.2-32.el5
-</source>
+</syntaxhighlight>
+<syntaxhighlight lang='console'>
+[root@zetawiki ~]# rpm -qa | grep bash
+bash-4.1.2-15.el6_4.x86_64
+</syntaxhighlight>
 ==Bash 업데이트==
-<source lang='dos'>
+<syntaxhighlight lang='console'>
-[root@jmnote ~]# yum update bash
+[root@zetawiki ~]# yum update bash
 ... (생략)
-===========================================================================================
+================================================================
-  Package          Arch               Version                     Repository           Size
+  Package    Arch         Version               Repository  Size
-===========================================================================================
+================================================================
 Updating:
-  bash             x86_64             3.2-33.el5_10.4             updates             1.8 M
+  bash       x86_64       4.1.2-29.el6          base       907 k
 Transaction Summary
-===========================================================================================
+================================================================
-Install       0 Package(s)
 Upgrade       1 Package(s)
-Total download size: 1.8 M
+Total download size: 907 k
 Is this ok [y/N]: y
-</source>
+</syntaxhighlight>
-<source lang='dos'>
+<syntaxhighlight lang='console'>
 ... (생략)
 Updated:
-   bash.x86_64 0:3.2-33.el5_10.4
+   bash.x86_64 0:4.1.2-29.el6
 Complete!
-</source>
+</syntaxhighlight>
-==확인 (안전)==
+==확인 2 (안전)==
-<source lang='text'>
+<syntaxhighlight lang='console'>
-[root@jmnote ~]# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
+[root@zetawiki ~]# env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
 this is a test
-</source>
+</syntaxhighlight>
-<source lang='text'>
+<syntaxhighlight lang='console'>
-[root@jmnote ~]# env X='() { (a)=>\' sh -c "echo date"; cat echo
+[root@zetawiki ~]# rm -f echo; env X='() { (a)=>\' sh -c "echo date"; cat echo
 date
 cat: echo: No such file or directory
-</source>
+</syntaxhighlight>
-<source lang='text'>
+<syntaxhighlight lang='console'>
-[root@jmnote ~]# (for x in {1..200} ; do echo "for x$x in ; do :"; done; for x in {1..200} ; do echo done ; done) | bash ||
+[root@zetawiki ~]# (for x in {1..200} ; do echo "for x$x in ; do :"; done; for x in {1..200} ; do echo done ; done) | bash ||
 > echo "CVE-2014-7187 vulnerable, word_lineno"
-</source>
+</syntaxhighlight>
 ==같이 보기==
+*[[쉘쇼크]]
 *[[Bash 버전 확인]]
+*[[하트블리드]]
+*[[쉘]]
+*[[CVE]]
-==참고 자료==
+==참고==
+*https://en.wikipedia.org/wiki/Shellshock_(software_bug)
 *http://hacksum.net/vuln/cve-2014-6271-gnu-bash-원격코드-인젝션-취약점/
-*https://en.wikipedia.org/wiki/Shellshock_(software_bug)
+*https://access.redhat.com/ko/node/1215293
+[[분류: CVE]]
 [[분류: Bash]]
-[[분류: 보안]]
 [[분류: Yum 설치]]
+[[분류: 2014년]]