Symantec has created the following process to identify Unix, Linux and Mac (ULM) computers that are vulnerable to the Bash Shellshock bug.
Description
The process uses a custom inventory script that can be ran on ULM clients. A zipped file is attached to this knowledge base article. The file name is: vulnerabilities-check-dataclass.zip. It contains three files which should be imported into the NS console Reports menu. The files are:
After importing and running the script, the report will show the vulnerability status for four CVEs. CVE is an industry term for "Common Vulnerabilities and Exposures". The CVEs reported by this process are:
Here are a few links to the patches provided by a few OS vendors. Please see the respective OS vendors for further details and to download applicable patches. Note that not all CVEs are applicable to every OS platform or vendor.
Usage
To use this custom inventory script and report:
Please note that the custom inventory process provided in this article requires Symantec Endpoint Management and, specifically, Endpint Management's Inventory Solution. The Inventory Solution agent or plug-in must be installed on each client computer.