Control Compliance Suite

We are using ccsvm to scan assets for the Shellshcok vulnerability and although the latest set of scanning templates have been uploaded to our engines, when scanned the vulnerabilities are not discovered.  Is anyone else experiencing the same?  We have verified the Linux servers being scanned are vulnerable.

kindly confirm whether you are doing credential scan or blackbox scan.

Hi,

Just want to confirm whether you are using the default templates or you created a new scan template for shellshock?

I noticed this as well, it was working and now it's not, I've triple checked all my settings. 2 days ago it was detecting it, now the same scan does not, and I've confirmed the assets I'm targeting are not patched yet.

We are using a blackbox scan, however, we have been advised that we need to run these scans with credentials.  This is not ideal as we do not necessarily know the credentials of all the Linux estate within our organisation??

FYI - and I'm running credentialed, template and custom scan and neither detect it any longer (they are not patched).

@IM140.6: I think you have not configure the scan template properly to scan for shellshock vulnerbaility.

Simple way to create shellshock template is copy a full audit template and remove all the vulnerabilities selected in By categories and By check types and search for CVE-2014-6271 in by individual check and select all the vulnerability check and save the template. Now scan with this template for shellshock scanning.

Create a new scan template while following above mentioned steps and try to scan for shellshock vulnerability.