A vulnerability in the official Alpine Docker images, version 3.3 and later, leaves the root user with a null (empty) password. Because of the nature of this issue, systems deployed from affected Alpine Linux container images that use Linux PAM, or another mechanism that relies on the system shadow file as an authentication database, may accept a NULL password for the root user.
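A defender-side check for the issue described above, added here as an example (it is not Qualys's or Alpine's code): it parses shadow-format lines and reports accounts whose password field is empty, distinguishing them from locked (`!`/`*`) or hashed entries. The sample shadow content and the `check_shadow_file` helper are assumptions for illustration.

```python
"""Flag accounts in a shadow-format file whose password field is empty.

Added example for the Alpine null-root-password issue. Not Qualys or Alpine
code. The sample shadow content below is constructed for illustration.
"""
from typing import Iterable, List

# Constructed sample: the root line mirrors an affected image (empty second
# field); the other lines show locked ('!' / '*') and hashed accounts.
SAMPLE_SHADOW = """\
root:::0:::::
bin:!::0:::::
alpine:$6$saltsalt$NotARealHashJustAPlaceholder:18000:0:99999:7:::
daemon:*::0:::::
"""


def null_password_accounts(lines: Iterable[str]) -> List[str]:
    """Return user names whose shadow password field is empty.

    An empty field means authentication may succeed with no password at all
    under configurations that allow null passwords; a locked account ('!' or
    '*') or a real hash does not have that property.
    """
    flagged = []
    for raw in lines:
        line = raw.rstrip("\n")
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 2:
            continue  # malformed line; skip rather than misreport it
        user, password_field = fields[0], fields[1]
        if password_field == "":
            flagged.append(user)
    return flagged


def check_shadow_file(path: str = "/etc/shadow") -> List[str]:
    """Read a shadow file (requires root) and return accounts with null passwords."""
    with open(path, encoding="utf-8") as fh:
        return null_password_accounts(fh)


if __name__ == "__main__":
    print("accounts with null password:", null_password_accounts(SAMPLE_SHADOW.splitlines()))
```

Run `check_shadow_file()` inside a container built from the image you want to inspect; a non-empty result means that image needs the root password locked or set before deployment.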
A new option profile in the Qualys Vulnerability Management (VM) Option Profile library can be used to detect instances of the Shellshock vulnerability exposed through the Apache CGI attack vector. This option profile, called Bash Shellshock Detection, uses the crawling capabilities of Qualys Web Application Scanning (WAS) to find Shellshock exposure in the CGI scripts of your web applications.
Shellshock is a wide-reaching vulnerability with multiple attack vectors. If you use Linux or Unix machines in your network, you are likely to have the vulnerability. Beyond running a normal Qualys vulnerability scan and report to get a snapshot in time of your vulnerable machines, it makes sense to use Qualys Continuous Monitoring (CM) to be alerted immediately if the Bash Shellshock vulnerability is detected on your perimeter hosts. This can happen even after you have patched every occurrence, as we saw with the Heartbleed vulnerability: with Heartbleed, customers reported repeated occurrences as IT staff used older images to install new hosts, or appliances were brought online with a vulnerable version installed. Continuous Monitoring makes it easy to alert on these often unexpected conditions. (Don't have Continuous Monitoring? Contact Support or your Technical Account Manager to get it, or sign up for a free trial.)