What kind of ETA is there for a detection method regarding the CVE-2014-6271 bash vulnerability?
Is there a way to search or use a QID to return the installed version of Bash in the Linux host?
Just FYI, I did an application search putting Bash in the name field; typically if you put something generic it will find all versions, but it found nothing.
Waiting now for the QID. From what I was told by our TAM it should be released tonight, not sure when.
Thanks to JGregory for this update:
Our Engineering team has written a detection for this vulnerability and this is currently going through the QA process. It is expected to be released to production later tonight.
At this time, successful Unix Authentication will be required for this vulnerability to be detected. We will continue to evaluate and improve the detection as more information becomes available.
Does Qualys plan to deploy a QID that does not require Unix authentication (say, for external hosts)?
Efforts for this are underway, but we do not have any ETA at this point. Please monitor The specified item was not found. for updates.
The remote detection is available since last night: The specified item was not found.
Thank you for the update.
QID 122693 Bash Remote Code Execution Vulnerability. The QID will be available starting tonight (Sept 24th) under signature version VULNSIGS-2.2.830-x.
Authentication is required for running the detection.
Please make sure your appliance is using signature version VULNSIGS-2.2.830-x (or higher).
You can find the appliance signature version in QualysGuard by clicking on "Scans" and then selecting the "Appliances" tab.
If you have any further questions, please don't hesitate to contact Qualys Support. Support is available 24x7.
More details on this bug can be found at: The specified item was not found..
I just checked my internal signature and it has 2.2.828-2, but the "Update Now" is greyed out. Am I missing something?
It probably means the vulnerability isn't available yet. It is planned for release later in the day on Sept 24.
Version 2.2.830 is not yet available. Please note that your screenshot shows that you have the latest version.
Correct, I just needed to track this by the numbers. The release of the QID info really should have said, prior to running scan ensure you upgrade, versus before it was released ensure you're up to the 2.830. Was just a bit confusing, no problem.