Last active
September 17, 2015 18:04
-
-
Save scuderiaf1/52f881e6cce407228780 to your computer and use it in GitHub Desktop.
GHOST - gethostbyname Detector GHOST-test.sh CVE-2015-0235 <https://access.redhat.com/security/cve/CVE-2015-0235>
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
#Version 3 | |
## command line to run | |
## curl -L https://gist.githubusercontent.com/scuderiaf1/52f881e6cce407228780/raw/043b6124f75d4c897377c157c6efab53654eb042/GHOST-test.sh |bash | |
echo "Installed glibc version(s)" | |
rv=0 | |
for glibc_nvr in $( rpm -q --qf '%{name}-%{version}-%{release}.%{arch}\n' glibc ); do | |
glibc_ver=$( echo "$glibc_nvr" | awk -F- '{ print $2 }' ) | |
glibc_maj=$( echo "$glibc_ver" | awk -F. '{ print $1 }') | |
glibc_min=$( echo "$glibc_ver" | awk -F. '{ print $2 }') | |
echo -n "- $glibc_nvr: " | |
if [ "$glibc_maj" -gt 2 -o \ | |
\( "$glibc_maj" -eq 2 -a "$glibc_min" -ge 18 \) ]; then | |
# fixed upstream version | |
echo 'not vulnerable' | |
else | |
# all RHEL updates include CVE in rpm %changelog | |
if rpm -q --changelog "$glibc_nvr" | grep -q 'CVE-2015-0235'; then | |
echo "not vulnerable" | |
else | |
echo "vulnerable" | |
rv=1 | |
fi | |
fi | |
done | |
if [ $rv -ne 0 ]; then | |
cat <<EOF | |
This system is vulnerable to CVE-2015-0235. <https://access.redhat.com/security/cve/CVE-2015-0235> | |
Please refer to <https://access.redhat.com/articles/1332213> for remediation steps | |
EOF | |
fi | |
exit $rv |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment