Hello All,
Lots of people are facing issue to scan their network for shellshock vulnerability with CCSVM. Follow the below steps and you are ready to scan for shellshock vulnerability:
1. In the CCSVM Console Web interface, click Administration from the top menu. Under the Scan Options Section on the administration page, click the manage link for Templates.
2. Find the scan template named “Full audit” and select the Copy scan template icon at the right.
3. Under the Type of Checks, ensure that Vulnerabilities and Web Spidering options are selected, unselect the “Policies” option.
4. Under the Name and Description, rename the template to “Shellshock Audit” and modify the description text so you will be able to recognize later that the template is customized for shellshock/bash bug.
5. Select the “Vulnerability Checks” option from the left menu, then expand the “By Category” section and click the “Remove categories” button.
6. Select the check box for the top row (Vulnerability Category), which will auto-select the check boxes for all categories. Then click Save.
7. Expand the “By Check Type” section and click the “Remove check types” button.
8. Select the check box for the top row (Vulnerability Check Type), which will auto-select the check boxes for all types. Then click Save.
9. Expand the By Individual Check section and click the “Add checks” button.
10. Enter or paste CVE-2014-6271 in the Search Criteria box and click the Search button. Note: If search does not find the CVE, please run “Manual Update” (Administration, under Global and Console settings, click Administer, choose updates from the left menu and click on the “Manual Update” button.
11. Select the check box for the top row (Vulnerability Check), which will auto-select the check boxes for all types. Then click Save.
12. Repeat step 10 for CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, and CVE-2014-6278. In many cases, these vulnerabilities will already be selected because they are linked to CVE-2014-6271. Select any checks that are not already selected.
13. Save the scan template.
Now you are ready to scan for shellshock vulnerability with Symantec CCSVM.