Security Advisory Bash Code Injection Vulnerabilities (CVE-2014-7169/CVE-2014-6271)

Background

RedHat released two security advisories regarding the Bash Code Injection Vulnerabilities (a.k.a “Shellshock”):

https://access.redhat.com/security/cve/CVE-2014-6271
https://access.redhat.com/security/cve/CVE-2014-7169

Impact

This is a critical vulnerability in the GNU bash shell, used by many UNIX/Linux operating systems. This flaw could allow an attacker to remotely execute shell commands by attaching malicious code in environment variables used by the operating system; the majority of Restorepoint appliances may be affected.

Remediation

A patch for Restorepoint v4.5 is already available; please ensure that you update your appliance immediately, and that you are running at least v4.5 build 20140926:103212.

If your appliance is running Restorepoint v4.4 or earlier, please contact our Technical Support Team.

Advertisements