Project

General

Profile

CVE-2014-6271 / CVE-2014-7169 : remote code execution through bash

Added by Peter Norin over 5 years ago

CVE-2014-6271: remote code execution through bash (and following CVE-2014-7169)

The bash shipped with 2.0.1 and potentially earlier versions are vulnerable since StoredSafe is loosely based on ubuntu.

At this time we have not been able to confirm that its possible to take advantage of this remotely through the webserver.

If concerned contact us for a new image which include patches, or a non persistant workaround (which requires that the appliance have internet access) until you are able to upgrade.

Cheers
Peter


Replies (1)

    (1-1/1)