Bash "Shell Shock Vulnerability" in the Dell Data Protection Virtual Edition

Summary: This article provides information about the Shell Shock Bash bug (CVE-2014-6271) security vulnerability and how it affects the Dell Data Protection | Virtual Edition software.

Symptoms

Affected Products:

  • Dell Data Protection | Virtual Edition

Affected Versions:

  • v9.2 and Earlier

Test for this vulnerability by running the following command from a bash shell prompt:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If the word vulnerable appears in the output, then the machine is vulnerable to the exploit.

Even with the vulnerability, an attacker must be able to access a specific port on the VE server to use the exploit.

It is a best practice that the Dell Data Protection | Virtual Edition server not be Internet facing; use the proxy services for Internet-facing requirements instead.

If Dell Data Protection | Virtual Edition is not Internet facing, the Shell Shock issue cannot be exploited from outside the organization.

Cause

Older versions of Dell Data Protection | Virtual Edition are susceptible to an exploit in the bash shell described in Ubuntu Security Notice USN-2362-1, commonly referenced as the Shell Shock Vulnerability.

Issue Parameters:

  • The Dell Data Protection | Virtual Edition console and SSH server use the bash shell, which can be exploited by passing trailing code to a bash shell and gaining unauthorized access to the command environment.
  • This vulnerability is not present in the Dell Data Protection | Encryption Pre-Boot Authentication (PBA) software, such as Self-Encrypting Drive (SED) management or Hardware Encryption Accelerator (HCA), used for authenticating clients.

Resolution

The issue has been resolved in Dell Data Protection | Virtual Edition v9.3 and later.

To correct this issue:

  1. Open the Virtual Edition remote desktop console.
  2. Choose the Launch Shell option from the Main Menu and follow these steps:
  3. Type the command: su ddpsupport
  4. Press the Enter key.
  5. When prompted, enter the password set for the ddpsupport user.
  6. The prompt updates to one that starts with ddpsupport@.
  7. Type the command: sudo apt-get update
    • This command contacts the Ubuntu update servers using the Internet and requests the relevant updates required.
  8. Type the command: sudo apt-get install bash

After the update is complete, confirm that the update resolved the vulnerability by testing again.

Note: Confirm that the word vulnerable is not in the output of the command: env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
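The before-and-after test described above can be scripted so that the result is a return code instead of something read by eye. This is an added example, not part of the Dell article; the function names, return codes, and sample outputs are assumptions of the example.

```shell
#!/bin/sh
# Added example: wraps the article's CVE-2014-6271 test so it can be run
# before and after "sudo apt-get install bash" and checked by a script.
# Function names and return codes are assumptions, not Dell tooling.

# classify_probe_output OUTPUT
# Prints: vulnerable | patched | inconclusive
classify_probe_output() {
    case "$1" in
        *vulnerable*)       echo vulnerable ;;   # the trailing echo was executed
        *"this is a test"*) echo patched ;;      # only the intended command ran
        *)                  echo inconclusive ;; # the shell produced no usable output
    esac
}

# probe_bash [PATH_TO_BASH]
# Runs the article's test against one bash binary (default: bash on PATH).
# Returns 0 = patched, 1 = vulnerable, 2 = inconclusive.
probe_bash() {
    shell_bin=${1:-bash}
    if ! command -v "$shell_bin" >/dev/null 2>&1; then
        echo inconclusive
        return 2
    fi
    # stderr is discarded: some patched builds print a warning about the
    # ignored function definition, which is not part of the verdict.
    out=$(env x='() { :;}; echo vulnerable' "$shell_bin" -c "echo this is a test" 2>/dev/null)
    verdict=$(classify_probe_output "$out")
    echo "$verdict"
    case "$verdict" in
        patched)    return 0 ;;
        vulnerable) return 1 ;;
        *)          return 2 ;;
    esac
}

# Constructed sample outputs (not captured from a real appliance):
SAMPLE_VULNERABLE='vulnerable
this is a test'
SAMPLE_PATCHED='this is a test'
```

Source the file in the ddpsupport shell and run probe_bash /bin/bash before and after the update; a return code of 1 means the update has not taken effect.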

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

Additional Information

More Reference Material

CVE-2014-6271 on the NIST website

Affected Products

Dell Encryption
Article Properties
Article Number: 000129498
Article Type: Solution
Last Modified: 13 Sep 2023
Version:  9