Ghost Detector script

1. #!/bin/bash
2. uname -a
3. cat /etc/redhat-release
4. echo "Installed glibc version(s)"
5.  
6. rv=0
7. for glibc_nvr in $( rpm -q --qf '%{name}-%{version}-%{release}.%{arch}\n' glibc ); do
8.     glibc_ver=$( echo "$glibc_nvr" | awk -F- '{ print $2 }' )
9.     glibc_maj=$( echo "$glibc_ver" | awk -F. '{ print $1 }')
10.     glibc_min=$( echo "$glibc_ver" | awk -F. '{ print $2 }')
11.  
12.     echo -n "- $glibc_nvr: "
13.     if [ "$glibc_maj" -gt 2   -o  \
14.         \( "$glibc_maj" -eq 2  -a  "$glibc_min" -ge 18 \) ]; then
15.         # fixed upstream version
16.         echo 'not vulnerable'
17.     else
18.         # all RHEL updates include CVE in rpm %changelog
19.         if rpm -q --changelog "$glibc_nvr" | grep -q 'CVE-2015-0235'; then
20.             echo "not vulnerable"
21.         else
22.             echo "vulnerable"
23.             rv=1
24.         fi
25.     fi
26. done
27.  
28. if [ $rv -ne 0 ]; then
29.    cat <<EOF
30.  
31. This system is vulnerable to CVE-2015-0235. <https://access.redhat.com/security/cve/CVE-2015-0235>
32. Please refer to <https://access.redhat.com/articles/1332213> for remediation steps
33. EOF
34. fi
35.  
36. exit $rv