Kace and Shell Shock vulnerability
Is the k1000 or the k2000 vulnerable to the Shell Shock Vulnerability in bash?
A high risk vulnerability was disclosed on September 24, 2014 by the National Institute of Standards and Technology (NIST) that could result in sensitive information being leaked by exploiting a flaw in GNU Bash. Details of this vulnerability, which has been dubbed the ‘Bash flaw’ or ‘Shell Shock’, can be referenced in the NIST CVE-2014-6271.
Answers (4)
Official link here: http://www.kace.com/support/resources/kb/solutiondetail?sol=133191
Comments:
-
Thanks for posting this. I was also glad to see the notice was also pushed to my kbox via the Latest News section; good job dell! - Jbr32 10 years ago
I have an answer from Support:
The KACE appliances are vulnerable to this exploit
"Our engineers are working on this as a top priority and Iwill follow up as soon as there is any official information.
A hotfix is under development for this issue and I willadvise you the moment it is ready. "
Comments:
-
Did they indicate kboxes should be taken offline? - Jbr32 10 years ago
http://www.kace.com/support/resources/kb/solutiondetail?sol=133496
https://www.kace.com/~/media/Files/Support/Documentation/K1000/v62/K1000_62_ReleaseNotes.pdf - jones948 10 years ago