Advertisement
Guest User

Ghost Detector script

a guest
Jan 30th, 2015
376
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 1.06 KB | None | 0 0
  1. #!/bin/bash
  2. uname -a
  3. cat /etc/redhat-release
  4. echo "Installed glibc version(s)"
  5.  
  6. rv=0
  7. for glibc_nvr in $( rpm -q --qf '%{name}-%{version}-%{release}.%{arch}\n' glibc ); do
  8.     glibc_ver=$( echo "$glibc_nvr" | awk -F- '{ print $2 }' )
  9.     glibc_maj=$( echo "$glibc_ver" | awk -F. '{ print $1 }')
  10.     glibc_min=$( echo "$glibc_ver" | awk -F. '{ print $2 }')
  11.  
  12.     echo -n "- $glibc_nvr: "
  13.     if [ "$glibc_maj" -gt 2   -o  \
  14.         \( "$glibc_maj" -eq 2  -a  "$glibc_min" -ge 18 \) ]; then
  15.         # fixed upstream version
  16.         echo 'not vulnerable'
  17.     else
  18.         # all RHEL updates include CVE in rpm %changelog
  19.         if rpm -q --changelog "$glibc_nvr" | grep -q 'CVE-2015-0235'; then
  20.             echo "not vulnerable"
  21.         else
  22.             echo "vulnerable"
  23.             rv=1
  24.         fi
  25.     fi
  26. done
  27.  
  28. if [ $rv -ne 0 ]; then
  29.    cat <<EOF
  30.  
  31. This system is vulnerable to CVE-2015-0235. <https://access.redhat.com/security/cve/CVE-2015-0235>
  32. Please refer to <https://access.redhat.com/articles/1332213> for remediation steps
  33. EOF
  34. fi
  35.  
  36. exit $rv
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement