Scope
This article covers the following groups of products.
Group 1 - Rohde & Schwarz products
SpycerBox Ultra, SpycerBox Flex, SpycerBox NAS, Meta Data Server (MDS), Linux based File Servers.
Red Hat Linux is used on recent equipment; earlier equipment uses SUSE.
Group 2 - DDN products
DDN SFA line of storage products (6620, 7700, 10K, 12K).
Note: the DDN S2A9900 is not vulnerable.
How vulnerable am I?
To answer this question you first need to identify the attack surface in your environment. If your system sits behind an external firewall and your network perimeter is hardened against attack, then your internal network is your primary attack surface. Many corporate and production networks rely exclusively on perimeter security to insulate their systems from vulnerabilities. In all likelihood, if your system is not exposed to the internet, you are not currently at risk.
Additional "Shellshock" Information
More information is available from Red Hat:
Bash Code Injection Vulnerability via Specially Crafted Environment Variables (CVE-2014-6271, CVE-2014-7169)
Group 1 - Rohde & Schwarz products
Diagnostic Steps:
To test if your version of Bash is vulnerable to this issue, run the following command:
$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
If the output of the above command looks as follows:
vulnerable
this is a test
you are using a vulnerable version of Bash.
Remedy
To update Bash, download the correct version for your OS:
RHEL6 = http://www.dvsus.com/gold/san/RHEL6_bash-4.1.2-15.el6_5.2.x86_64.rpm
RHEL5 = http://www.dvsus.com/gold/san/RHEL5_bash-3.2-33.el5_11.4.x86_64.rpm
SUSE 10 (No update yet)
How to install:
As root, use the rpm command to install the updated package:
rpm -Uvh </path/to/download>
ex: rpm -Uvh /root/Desktop/RHEL5_bash-3.2-33.el5_11.4.x86_64.rpm
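The diagnostic and remedy steps above, wrapped into a script as an added example (not from the bulletin or from Red Hat): shellshock_check runs the bulletin's environment-variable test against a given bash binary and reports by exit code, and bash_rpm_status compares an installed bash package (as printed by rpm -q bash) with the fixed RHEL5/RHEL6 versions listed above. The package string in the usage line is a constructed sample, and sort -V (GNU or BusyBox coreutils) is assumed to be available.

```shell
#!/bin/sh
# Added example, not part of the R&S bulletin. Wraps the article's Shellshock
# diagnostic and the RPM version check so they can be scripted across hosts.

# shellshock_check [bash_binary]
# Exit code: 0 = not vulnerable to CVE-2014-6271, 1 = vulnerable, 2 = binary not found.
shellshock_check() {
    bash_bin="${1:-bash}"
    command -v "$bash_bin" >/dev/null 2>&1 || return 2
    # A patched bash no longer executes the code that follows the function
    # body in the imported variable, so "vulnerable" must not appear.
    out=$(env x='() { :;}; echo vulnerable' "$bash_bin" -c "echo this is a test" 2>/dev/null)
    case "$out" in
        *vulnerable*) return 1 ;;
    esac
    return 0
}

# bash_rpm_status <installed-package> <rhel5|rhel6>
# Compares the installed bash package (as printed by `rpm -q bash`) with the
# fixed versions named in the bulletin and prints "fixed" or "needs-update".
bash_rpm_status() {
    installed="$1"
    case "$2" in
        rhel5) fixed="bash-3.2-33.el5_11.4" ;;
        rhel6) fixed="bash-4.1.2-15.el6_5.2" ;;
        *) echo "unknown-os"; return 2 ;;
    esac
    # Drop the architecture suffix, then version-sort both strings; if the
    # fixed version sorts first (or is equal), the installed one is new enough.
    base="${installed%.x86_64}"; base="${base%.i686}"; base="${base%.noarch}"
    lowest=$(printf '%s\n%s\n' "$fixed" "$base" | sort -V | head -n 1)
    if [ "$lowest" = "$fixed" ]; then echo "fixed"; else echo "needs-update"; fi
}

# Usage on a host: report both checks. The package string below is a
# constructed sample of an unpatched RHEL5 bash, not a value from the bulletin.
if shellshock_check bash; then echo "bash: not vulnerable"; else echo "bash: vulnerable or missing (rc=$?)"; fi
bash_rpm_status "bash-3.2-33.el5_11.3.x86_64" rhel5   # prints needs-update
```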
Factory Technical Bulletin
Official factory bulletin can be downloaded at this link:
http://www.dvsus.com/gold/DVS/RS_DVS_Bash_Technical_Bulletin_141009.pdf
Group 2 - DDN products
Diagnostic Steps:
If the SFA OS version is below the version listed for your product, you are exposed.
Fixed SFA OS version | Products
SFA OS 2.2.1.3 | SFA 7700, SFA 10K, SFA 12K
SFA OS 1.5.6 | S2A6620 (expected by end of Oct 2014)
Remedy
Update firmware to 2.2.1.3 for SFA 7700, SFA 10K, SFA 12K or 1.5.6 for S2A6620.
Download and install instructions:
http://support.dvsus.com/entries/23561081-DDN-downloads-SFA-and-S2A
Factory Technical Bulletin
Official factory bulletin can be downloaded at this link:
SFA_OS_Mandatory_Upgrades_Fix_Shellshock_BASH_Bug