This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject

→ The Lansweeper Customer Excellence Awards 2024 - Submit Your Project Now! Learn More & Enter Here

Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Bash Version issue

Go to solution
marc_dub
Engaged Sweeper II

‎09-25-2014 02:01 PM

Due to the recent Bash vulnerability I am running reports but the Bash software version only displays 3.2 as an example but when we check locally the version is 3.2.25 why would this be displayed.

www.webroot.com
Labels:
0 Kudos
1 ACCEPTED SOLUTION
Go to solution
sukaitsu
Champion Sweeper

‎10-02-2014 09:39 PM

I wrote this SQL Query, and it helped us narrow down vulnerable machines.

Linux: ShellShock Vulnerable ()


Select Top 1000000 tblAssets.AssetID,
  tblAssets.AssetName,
  tsysAssetTypes.AssetTypename,
  tsysAssetTypes.AssetTypeIcon10 As icon,
  tblLinuxSystem.OSRelease,
  tblAssets.IPAddress,
  tblSoftwareUni.softwareName,
  tblLinuxSoftware.Version,
  tblLinuxSoftware.InstallDate,
  tblLinuxSoftware.LastChanged
From tblAssets
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
  Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
  Inner Join tblLinuxSoftware On tblAssets.AssetID = tblLinuxSoftware.AssetID
  Inner Join tblSoftwareUni On tblSoftwareUni.SoftID =
    tblLinuxSoftware.SoftwareUniID
  Inner Join tblLinuxSystem On tblAssets.AssetID = tblLinuxSystem.AssetID
Where ((tblSoftwareUni.softwareName Like '%cgi%') Or
    (tblSoftwareUni.softwareName = 'bash' And
      DateDiff(day, tblLinuxSoftware.LastChanged, '2014-09-24') > 0)) And
  tblAssetCustom.State = 1 And tblAssets.Assettype = 11
Order By tblAssets.AssetName
Thank you, Jeffrey Smith Enterprise Applications Security (319) 499-6310 JefSmith@geico.com

View solution in original post

2 REPLIES 2
Go to solution
sukaitsu
Champion Sweeper

‎10-02-2014 09:39 PM

I wrote this SQL Query, and it helped us narrow down vulnerable machines.

Linux: ShellShock Vulnerable ()


Select Top 1000000 tblAssets.AssetID,
  tblAssets.AssetName,
  tsysAssetTypes.AssetTypename,
  tsysAssetTypes.AssetTypeIcon10 As icon,
  tblLinuxSystem.OSRelease,
  tblAssets.IPAddress,
  tblSoftwareUni.softwareName,
  tblLinuxSoftware.Version,
  tblLinuxSoftware.InstallDate,
  tblLinuxSoftware.LastChanged
From tblAssets
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
  Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
  Inner Join tblLinuxSoftware On tblAssets.AssetID = tblLinuxSoftware.AssetID
  Inner Join tblSoftwareUni On tblSoftwareUni.SoftID =
    tblLinuxSoftware.SoftwareUniID
  Inner Join tblLinuxSystem On tblAssets.AssetID = tblLinuxSystem.AssetID
Where ((tblSoftwareUni.softwareName Like '%cgi%') Or
    (tblSoftwareUni.softwareName = 'bash' And
      DateDiff(day, tblLinuxSoftware.LastChanged, '2014-09-24') > 0)) And
  tblAssetCustom.State = 1 And tblAssets.Assettype = 11
Order By tblAssets.AssetName
Thank you, Jeffrey Smith Enterprise Applications Security (319) 499-6310 JefSmith@geico.com
Go to solution
sukaitsu
Champion Sweeper

‎10-01-2014 08:02 PM

Lansweeper's API uses # rpm -qa to gather the installed software on Linux assets. The result from that command is what gets populated into the database.
Thank you, Jeffrey Smith Enterprise Applications Security (319) 499-6310 JefSmith@geico.com
0 Kudos

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now