#!/bin/bash

# Description   :   Identifies Linux systems vulnerable to the critical vulnerability CVE-2024-3094.
#                   Select "Enable Logging for Troubleshooting" when deploying in Script Configuration.
#
# Maintainer    :   ManageEngine Endpoint Central <endpointcentral-support@manageengine.com>

# Check for root privileges
if [ "$(id -u)" != "0" ]; then
  echo "Error: This script must be run as root"
  exit 1
fi

# Check for required package (binutils)
if ! type strings >/dev/null 2>&1; then
  echo "Error: Missing package 'binutils', please install"
  exit 1
fi

# Check for existence of the xz command
if ! type -a xz >/dev/null 2>&1; then
  echo "Machine not vulnerable, 'xz' path not found"
  exit 0
fi

# Initialize variables
vulnerable="Machine not vulnerable"
output=""

# Perform vulnerability check for each xz command path
for xz_p in $(type -a xz | awk '{print $NF}' | uniq); do
  # Extract version information using strings and grep
  outXz=$(strings "$xz_p" 2>/dev/null | grep "xz (XZ Utils)")

  # Check vulnerability based on version
  if [[ "5.6.0" =~ $outXz || "5.6.1" =~ $outXz ]]; then
    vulnerable="Machine Vulnerable"
    output+=$(echo "Found xz path : $xz_p, version : $outXz - Vulnerable\\n")
  else
    output+=$(echo "Found xz path : $xz_p, version : $outXz - Not vulnerable\\n")
  fi
done

# Print vulnerability status and detailed output
echo "$vulnerable"
echo ""
echo -e "$output"

exit 0