-
-
Save qinwentu/70daba4b84e790784e2b to your computer and use it in GitHub Desktop.
GHOST - gethostbyname Detector GHOST-test.sh CVE-2015-0235 <https://access.redhat.com/security/cve/CVE-2015-0235>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #Version 3 | |
| ## command line to run | |
| ## curl -L https://gist.githubusercontent.com/scuderiaf1/52f881e6cce407228780/raw/043b6124f75d4c897377c157c6efab53654eb042/GHOST-test.sh |bash | |
| echo "Installed glibc version(s)" | |
| rv=0 | |
| for glibc_nvr in $( rpm -q --qf '%{name}-%{version}-%{release}.%{arch}\n' glibc ); do | |
| glibc_ver=$( echo "$glibc_nvr" | awk -F- '{ print $2 }' ) | |
| glibc_maj=$( echo "$glibc_ver" | awk -F. '{ print $1 }') | |
| glibc_min=$( echo "$glibc_ver" | awk -F. '{ print $2 }') | |
| echo -n "- $glibc_nvr: " | |
| if [ "$glibc_maj" -gt 2 -o \ | |
| \( "$glibc_maj" -eq 2 -a "$glibc_min" -ge 18 \) ]; then | |
| # fixed upstream version | |
| echo 'not vulnerable' | |
| else | |
| # all RHEL updates include CVE in rpm %changelog | |
| if rpm -q --changelog "$glibc_nvr" | grep -q 'CVE-2015-0235'; then | |
| echo "not vulnerable" | |
| else | |
| echo "vulnerable" | |
| rv=1 | |
| fi | |
| fi | |
| done | |
| if [ $rv -ne 0 ]; then | |
| cat <<EOF | |
| This system is vulnerable to CVE-2015-0235. <https://access.redhat.com/security/cve/CVE-2015-0235> | |
| Please refer to <https://access.redhat.com/articles/1332213> for remediation steps | |
| EOF | |
| fi | |
| exit $rv |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment