1

Get in touch with us

~|icon_house~|elegant-themes~|solid

Address

2733 Lancaster Rd, Suite 220
Ottawa, Ontario,
K1B 0A9
~|icon_clock~|elegant-themes~|solid

Office hours

Workdays at
9:00am – 6:00pm
~|icon_phone~|elegant-themes~|solid
Call us
+1 866 657 7620
+1 613 526 4945

Let’s get connected

Get in Touch

News

Protecting your Infrastructure from Shellshock

As many of you already know, a recently published critical vulnerability in the popular ‘Bash’ shell and scripting language language has been found.

This vulnerability uses specially crafted environment variables to execute arbitrary code and has remained undiscovered since approximately version 1.13 in 1992. This means that many systems including VMs, appliances, and physical devices may be affected.

Common exploitatain vectors include attacks against web servers processing requests via the common gateway interface (CGI), and certain sshd configurations using ‘ForceCommand’ can also be exploited.

Although VMware has not yet shown that the Bash vulnerability can be exploited in any of their appliances, many ship with vulnerable Bash versions. As such, VMware has released a KB article detailing which of their products ship with the vulnerable version of Bash, which will be updated as patches are made available.

Integra recommends that you subscribe to this document in order to be notified when fixes are made available. To do this:

  1. Navigate to the article at http:/kb.vmware.com/kb/2090740 
  2. In the right-hand menu “Actions”, select “Subscribe to this Document,” which will allow you to follow updates to this document via RSS in your browser.
  3. Also be sure to sign up for the mailing list for VMware Security Advisories and Security Alerts at http://lists.vmware.com/mailman/listinfo/security-announce. These lists are updated whenever VMware security patches are released.

While we wait for vendor patches, we also note that technologies that are often already deployed in our data centres can be used to mitigate the Bash Shellshock vulnerability – these technologies include Trend Micro (AV) and F5 (load balancing & application delivery).

To block the majority of Shellshock attacks with Trend Micro Deep Security, please see the following:

To block the majority of Shellshock attacks with an F5 iRule, you can also use the following:

Paul Shuparski-Miller, Systems Engineer, Integra Networks,