Alex Nassi

"Shell Shock" Bash Vulnerability

Discussion created by Alex Nassi Employee on Sep 25, 2014
You may have recently heard about a potential security vulnerability affecting the bash shell which is a common shell on Unix or Linux systems.  The vulnerability is also called "Shell Shock." 

For details on the vulnerabilities you can consult the following links:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6271
 
At SugarCRM, we take security and the protection of your private information very seriously. This vulnerability affects any systems that make use of the bash shell.

We have investigated this matter thoroughly and are pleased to inform those customers with subscriptions to our On-Demand products that we have already patched for this vulnerability. If you are an On-Site customer, your server administrator will need to take the necessary actions to ensure your server is safeguarded from this vulnerability.

Outcomes