*Update (10/01/2014) - Content has been improved and updated to detect the final two known CVE's (CVE-2014-6277, CVE-2014-6278).
*Update (9/29/2014) - Content has now been added to enable the detection of the first 4 Shellshock CVE's (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, and CVE-2014-7187). We will continue to make updates available here and expect content to be available for two additional CVEs (CVE-2014-6277 and CVE-2014-6278) as their details are released over the coming days. Register now for a webcast on using Tanium to hunt for Shellshock vulnerabilities on Thursday, Oct 2 at 2:00 pm Eastern Time. See the Tanium community site with details on the latest sensor and ask your Tanium Technical Account Manager about saved questions and an updated dashboard.
*Update (9/24/2014) - An additional vulnerability (CVE 2014-7169 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7169) was released to address a flaw in the originally assigned CVE-2014-6271. The Tanium sensor was updated to account for and detect whether machines are vulnerable up to the level of CVE-2014-7169.
The United States Computer Emergency Readiness Team (US-CERT) issued an alert Sept 24, 2014 about a Bash vulnerability (CVE 2014-6271) affecting Unix-based operating systems such as Linux and Max OS X that may give attackers the ability to execute malicious code remotely. US-Cert recommended users and administrators review the Redhat Security Blog for additional details and refer to OS vendors for appropriate patches.
Tanium customers can take advantage of a newly created sensor that has been added to our community site that detects this vulnerability and there is a new dashboard available to provide Tanium users a real-time heads up view of their vulnerabilities across their enterprise (see figure). Please contact your Technical Account Manager for further information on access to the dashboard.