Security Alert: Shellshock Security Bug

A security vulnerability was recently announced that appears to affect a large percentage of internet connected devices. This vulnerability, known as Shellshock, is critical and could allow an attacker to perform remote code execution on hosts running a vulnerable version of Bash, a popular Unix/Linux shell. CSF International, Inc. is taking this issue seriously by taking the steps detailed below.

What we’ve done:

So far, we are not aware of any service on the CSFi Red Hat Linux Server actually exposing these problems to attackers, this is a precautionary update. It is our policy to not expose SSH or shell access publicly. Regardless, we have obtained the required patch from Red Hat, tested it and have prepared a patch implementation plan for potentially vulnerable customers that have licensed Red Hat software and maintenance through CSFi and have licensing arranged to receive the patch, by generating a web support ticket requesting the Red Hat patch for Bash.

What you should do:

Customers who licensed Red Hat software and maintenance through CSFi should contact CSFi Customer Service to schedule a date and time to install the patch on the CSFi Red Hat Linux server. This patch should not require a system restart, but this will be verified after the patch has been installed. If you are a registered web support user, you may create a support ticket for this request by sending an e-mail to support@csfi.com.

By : Sales and Marketing /October 16, 2014 /News /0 Comment

Comments are closed.