• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Bash or "Shellshock" vulnerability

September 25, 2014 By Brendan Patterson

Summary
News is breaking about a major new high severity vulnerability, CVE-2014-6271, with widespread impact. Gnu Bourne again shell (Bash) is a UNIX like command shell that is included in most distributions of Linux and also Apple OS X. The vulnerability allows an attacker to create environment variables that include malicious code before the system calls the Bash shell. The nature of the exposure can vary depending on how Bash is used, but it can lead to arbitrary command execution on affected systems. There are reports that is has already been exploited in the wild.

Are WatchGuard products affected?
All Firebox and XTM models are not affected. The Fireware operating system is hardened to remove any unnecessary features, and does not include a Bash shell. WatchGuard Wireless Access Points, SSL 100 and 560, XCS, and  QMS also do not include or install Bash. They are not vulnerable.

The Linux distribution included in WatchGuard Dimension includes bash, but the exposure to this vulnerability is low since Dimension does not use AcceptEnv or CGI. Nevertheless Dimension automatically downloads security updates for its Linux components. Just make sure that you don’t have any upstream firewall that blocks access to security.ubuntu.com and archive.ubuntu.com.

Solution Path
Download and deploy patches from your vendors immediately.

For WatchGuard Users
The WatchGuard IPS signature team has developed and released a signature to identify exploits of the Bash vulnerability. It is included in signature set 4.454. If your Firebox and XTM appliances are configured to receive automatic updates, you will get the new signature.

We’ll keep this post updated as more news is available.

References:

Security Blog – Redhat
Concerns over Bash vulnerability grow – Ars Technica

Share This:

Related

Filed Under: Security Bytes

Comments

  1. Corey Nachreiner says

    September 29, 2014 at 3:15 pm

    If you are an OS X user, Apple released their update for the Bash flaw. You can find links for it here:

    http://thenextweb.com/apple/2014/09/29/apple-releases-bash-update-lion-mavericks/

    I don’t think it has been added to automatic updates, so you have to install it manually.

    Cheers,
    Corey

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • Here Come The Regulations
  • An Update on Section 230

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • 3CX Supply Chain Attack
  • The NSA’s Guidance on Securing Authentication
  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use