Thursday, September 25, 2014

CVE-2014-6271, CVE-2014-7169 Bash Vulnerability


more on https://shellshocker.net/

CVE-2014-6271: remote code execution through bash.
CVE-2014-7169: incomplete fix for CVE-2014-6271.

FOR UBUNTU:
Remarks: CVE-2014-7169 has no patches yet !!! (9/24/2014)
(9/26/2014) Ubuntu patch for CVE-2014-7169

For Ubuntu, just use the following command to upgrade bash:

$ sudo apt-get update && sudo apt-get install bash

## check your bash version with

$ dpkg -s bash | grep Version
Version: 4.2-2ubuntu2.3

or


$ dpkg -s bash | grep Version
Version: 4.3-7ubuntu1.2




If your bash is patched, the word "vulnerable" is not echoed, as below:

$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test


FOR CENTOS

CentOS7 bash-4.2.45-5.el7_0.4
CentOS6 bash-4.1.2-15.el6_5.2
CentOS5 bash-3.2-33.el5_11.4
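
The self-test above, wrapped as a script so it can be run on many hosts and against every copy of bash on a system. This is an added example, not part of the original post; the function names and the list of candidate paths are assumptions. The test string is the one shown on this page, which exercises CVE-2014-6271 only, so a "patched" result says nothing about CVE-2014-7169.

```shell
#!/bin/sh
# Added example (not from the original post): scripted form of the page's
# CVE-2014-6271 self-test. Function names and candidate paths are assumptions.

# classify_output TEXT: print "vulnerable", "patched" or "unknown".
classify_output() {
    # A vulnerable bash executes the command that trails the function body
    # while importing x, so "vulnerable" appears on a line of its own.
    if printf '%s\n' "$1" | grep -qx 'vulnerable'; then
        echo vulnerable
    # A patched bash only runs the requested command. Whether it also prints
    # the "ignoring function definition attempt" warning depends on the patch.
    elif printf '%s\n' "$1" | grep -qx 'this is a test'; then
        echo patched
    else
        echo unknown   # bash missing, not executable, or unexpected output
    fi
}

# check_bash [PATH]: run the page's test string against one bash binary.
check_bash() {
    bash_bin=${1:-/bin/bash}
    if [ ! -x "$bash_bin" ]; then
        echo unknown
        return 0
    fi
    out=$(env x='() { :;}; echo vulnerable' "$bash_bin" -c 'echo this is a test' 2>&1)
    classify_output "$out"
}

# scan_bashes: a host can carry several copies of bash; test each one found.
scan_bashes() {
    for b in /bin/bash /usr/bin/bash /usr/local/bin/bash; do
        if [ -x "$b" ]; then
            printf '%s\t%s\n' "$b" "$(check_bash "$b")"
        fi
    done
}

scan_bashes
```

Any line reporting "vulnerable" means that binary still needs the package upgrade shown above, even if the distribution's own /bin/bash is already patched.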




Tuesday, August 19, 2014

After you install OpenStack on an Ubuntu 14.04 server, you can use the following nova commands:

root@ssd:~# nova --os-username=admin --os-tenant-name=admin --os-auth-url="http://10.0.1.100:5000/v2.0/" usage
OS Password:
Usage from 2014-07-23 to 2014-08-21:
+---------+--------------+-----------+---------------+
| Servers | RAM MB-Hours | CPU Hours | Disk GB-Hours |
+---------+--------------+-----------+---------------+
| 2       | 556.80       | 1.09      | 1.09          |
+---------+--------------+-----------+---------------+

root@ssd:~# nova --os-username=admin --os-tenant-name=admin --os-auth-url="http://10.0.1.100:5000/v2.0/" --version
2.17.0

Tuesday, August 12, 2014

No password for CoreOS: log in as username core (on AWS EC2)

ming➜~/.ec2» ssh -i turboteam.pem root@54.64.18.203                                                              [16:45:05]
root@54.64.18.203's password:
Permission denied, please try again.
root@54.64.18.203's password:
Permission denied, please try again.
root@54.64.18.203's password:
Connection closed by 54.64.18.203
ming➜~/.ec2» ssh -i turboteam.pem root@54.64.18.203                                                              [16:54:17]
root@54.64.18.203's password:
Permission denied, please try again.
root@54.64.18.203's password:
Permission denied, please try again.
root@54.64.18.203's password:
Permission denied (publickey,password,keyboard-interactive).
ming➜~/.ec2»                                                                                                     [16:54:27]
ming➜~/.ec2» ssh -i turboteam.pem root@54.64.18.203                                                              [16:54:28]
root@54.64.18.203's password:

ming➜~/.ec2» ssh -i turboteam.pem core@54.64.18.203                                                              [16:54:45]
CoreOS (beta)

A couple ways to launch an EC2 on AWS from remote.


Thursday, July 31, 2014

Install VirtualBox on Ubuntu server (not tested on AWS EC2)

sudo sh -c "echo 'deb http://download.virtualbox.org/virtualbox/debian '$(lsb_release -cs)' contrib non-free' > /etc/apt/sources.list.d/virtualbox.list" && wget -q http://download.virtualbox.org/virtualbox/debian/oracle_vbox.asc -O- | sudo apt-key add - && sudo apt-get update && sudo apt-get install virtualbox-4.3 dkms

Wednesday, July 23, 2014

How to install Docker on an AWS EC2 CentOS instance.

<You can still despise git within a year, but not docker.>
sudo yum -y install docker-io
sudo service docker start
sudo chkconfig docker on
Test by creating an ubuntu container:

sudo docker run -it ubuntu sh



<demo>
[ec2-user@ip-172-31-27-45 ~]$ sudo yum -y install docker-io
Loaded plugins: priorities, update-motd, upgrade-helper
amzn-main/latest                                         | 2.1 kB     00:00     
amzn-updates/latest                                      | 2.3 kB     00:00     
mongodb                                                  |  951 B     00:00     
Package docker-1.0.0-1.15.amzn1.x86_64 already installed and latest version
Nothing to do

[ec2-user@ip-172-31-27-45 ~]$ sudo service docker start
Starting cgconfig service:                                 [  OK  ]
Starting docker:                                   [  OK  ]

[ec2-user@ip-172-31-27-45 ~]$ sudo chkconfig docker on

[ec2-user@ip-172-31-27-45 ~]$ sudo docker run -it ubuntu sh
Unable to find image 'ubuntu' locally
Pulling repository ubuntu
ba5877dc9bec: Download complete 
511136ea3c5a: Download complete 
9bad880da3d2: Download complete 
25f11f5fb0cb: Download complete 
ebc34468f71d: Download complete 
2318d26665ef: Download complete 
# uname -a
Linux d5d4e7e0ea4e 3.10.38-49.136.amzn1.x86_64 #1 SMP Mon May 5 18:28:06 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
# df
Filesystem                                                                                       1K-blocks    Used Available Use% Mounted on
/dev/mapper/docker-202:1-147559-d5d4e7e0ea4e50bff40e7e53a4106e2c238066811bbebbe86020f1c7cce987dd  10190136  228364   9421100   3% /
tmpfs                                                                                               303460       0    303460   0% /dev
shm                                                                                                  65536       0     65536   0% /dev/shm
/dev/xvda1                                                                                         8125880 7426032    599580  93% /etc/hosts
tmpfs                                                                                               303460       0    303460   0% /proc/kcore
# exit
[ec2-user@ip-172-31-27-45 ~]$ uname -a
Linux ip-172-31-27-45 3.10.38-49.136.amzn1.x86_64 #1 SMP Mon May 5 18:28:06 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

[ec2-user@ip-172-31-27-45 ~]$ df
df: ‘/var/lib/docker/devicemapper’: Permission denied
Filesystem     1K-blocks    Used Available Use% Mounted on
/dev/xvda1       8125880 7426012    599600  93% /
devtmpfs          287060      52    287008   1% /dev
tmpfs             303460       0    303460   0% /dev/shm




Thursday, July 3, 2014

Error: couldn't connect to server 127.0.0.1:27017 (127.0.0.1), connection attempt failed at src/mongo/shell/mongo.js:146

MongoDB shell version: 2.6.3
connecting to: test
2014-07-01T15:34:46.151+0800 warning: Failed to connect to 127.0.0.1:27017, reason: errno:113 No route to host
2014-07-01T15:34:46.153+0800 Error: couldn't connect to server 127.0.0.1:27017 (127.0.0.1), connection attempt failed at src/mongo/shell/mongo.js:146
exception: connect failed
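SOLUTION: allow TCP port 27017 through iptables. The rule below has no -i or -s match, so it accepts the port on every interface and from any source address: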
sudo iptables -I INPUT -p tcp -m state --state NEW,ESTABLISHED --dport 27017 -j ACCEPT