Detect and remediate Shellshock
Shellshock (aka Bashdoor) is a family of bugs in the Bash shell that lets attackers gain access to Internet-facing services. Follow the steps below to find out if you have affected systems, and remove the vulnerability.
Before you begin
- Ensure your Puppet Remediate instance has access to the systems you want to scan and update.
1. Search for vulnerabilities
Open Puppet Remediate, navigate to Vulnerabilities, type the following value into the CVE Search box, and press Return to see related vulnerabilities:
CVE-2014-6271
If any results were returned, click each one to read more detail and find out which nodes are affected, and continue to the next step.
2. Select the appropriate task
Select the Manage package
task to use the list of affected servers that
Remediate already provided as search results.
3. Execute the task
Select upgrade
and type in bash
and run the Task.
4. Confirm the remediation
After your next security scan has synced into Puppet Remediate, use the CVE Search box again to confirm Shellshock is gone.