Mitigations Listed in Bash Advisory

Friday, October 17, 2014 @ 02:10 PM gHale

A series of products suffer from the Bash command injection vulnerability.

The Bourne again shell (bash) is the common command-line used in most Linux/Unix-based operating systems and Apple’s Mac OS X. The flaw could allow an attacker to remotely execute shell commands by attaching malicious code in environment variables used by the operating system.

With this vulnerability, there are individual mitigations available and a list of companies affected published via ICS-CERT.

Siemens Working to Patch Shellshock
Shellshock Affects OpenVPN
VMware Releases Shellshock Updates
Bash Attack on NAS Systems
Shellshock Attacks Raging

Any asset owners/operators, developers, or vendors should to coordinate known implementations of the affected products directly with ICS-CERT.

Directly affected: ABB Tropos 3000, 4000, 6000, & 7000 series routers
Indirectly affected: Ventyx NM EMS/SCADA on RHEL, Ventyx.
Click here for ABB’s public notification and mitigation strategies.

Click here for Cisco’s advisory for full list of affected products.

Connectport LTS, Digi Passport, Digi CM.
Digi said the vulnerability cannot end up exploited remotely on these systems.

Click here for eWON’s advisory for full list of affected products.

LANTIME V4.x, V5.x and V6.x
Click here for Meinberg’s public notification and mitigation strategies.

All Linux-based computers except EM1220-LX, EM1240-LX, UC7110-LX, UC7112-LX.
Moxa is currently investigating a solution.

Red Lion:
Sixnet BT-5000 and 6000 Series
RAM 9000, RAM 6000, SN 6000 and M, A and R Series
These products use the bash shell but the company said are not vulnerable or exploitable.

ROX 1: All versions <= V1.16.0 ROX 2: All versions <= V2.5.0 APE Linux V1.0 with ELAN installed Click here for more details at Siemens’ web site.

Leave a Reply

You must be logged in to post a comment.