I have a problem I was hoping someone could help me with.
Someone brought up the use of Cygwin on Windows servers as being potentially vulnerable to this bug, which of course it is. I'm trying to create a report to determine the version of the program on Windows servers so I can give that to management.
The problem is:
1) It's not installed in Add/Remove Programs
2) It does run as a Windows Service, but does not have a version listed in that
3) The file running as the service has no version details.
I can run uname -srv in the cygwin\bin folder to pick up the version number there, but when I do so using NSH, NSH thinks I want the Windows version...
shouldn't bash.exe --version provide you what you want?
Thanks for the reply lobsters, that actually does work. The problem I'm having is that C:\cygwin\bin is not in the %PATH% variable of the box, so I'm trying to run the command nexec -e cmd /c "C:\cygwin\bin\bash" --version | findstr version, but I'm getting a whole bunch of errors.
Would running that command in an extended object, and the producing a report based on the result be the way to go? Would it cause any problems scanning my whole DC for that EO if only 20 servers have it running, and the rest don't?
Yes - Create an extended object and then snapshot to capture results
Your EO should be remote execution
command: cmd /c C:\\cygwin\\bin\\bash.exe --version
You can mess with the grammar file but im sure auto will be ok