Bash "Shell Shock Vulnerability" in the Dell Data Protection Virtual Edition

Summary: This article provides information about the Shell Shock Bash bug (CVE-2014-6271) security vulnerability and how it affects the Dell Data Protection | Virtual Edition software.


Symptoms

Affected Products:

  • Dell Data Protection | Virtual Edition

Affected Versions:

  • v9.2 and Earlier

Test for this vulnerability by running the following command from a bash shell prompt:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If the word vulnerable appears in the output, then the machine is vulnerable to the exploit.

Even with the vulnerability, an attacker must be able to access a specific port on the VE server to use the exploit.

It is a best practice that the Dell Data Protection | Virtual Edition server is not Internet facing; use the proxy services for Internet-facing requirements instead.

If Dell Data Protection | Virtual Edition is not Internet facing, the Shell Shock issue cannot be exploited from outside the organization.

Cause

Older versions of Dell Data Protection | Virtual Edition are susceptible to an exploit in the bash shell described in Ubuntu Security Notice USN-2362-1, commonly referenced as the Shell Shock Vulnerability.

Issue Parameters:

  • The Dell Data Protection | Virtual Edition console and SSH server use the bash shell, which can be exploited by passing trailing code to a bash shell and gaining unauthorized access to the command environment.
  • This vulnerability is not present in the Dell Data Protection | Encryption Pre-Boot Authentication (PBA) software such as Self-Encrypting Drive (SED) management nor Hardware Encryption Accelerator (HCA) used for authenticating clients.

Resolution

The issue has been resolved in Dell Data Protection | Virtual Edition v9.3 and later.

To correct this issue:

  1. Open the Virtual Edition remote desktop console.
  2. Choose the Launch Shell option from the Main Menu and follow these steps:
  3. Type the command: su ddpsupport
  4. Press the Enter key.
  5. When prompted, enter the password set for the ddpsupport user.
  6. The prompt updates and now starts with ddpsupport@.
  7. Type the command: sudo apt-get update
    • This command contacts the Ubuntu update servers using the Internet and requests the relevant updates required.
  8. Type the command: sudo apt-get install bash

After the update is complete, confirm that the update resolved the vulnerability by testing again.

Note: The word vulnerable should not appear in the output of the command: env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
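
The test-and-retest check described above, wrapped as a script that audits one or more bash binaries and reports a status for each. This is an added example, not Dell's code; the function names classify_output, check_shellshock and audit are hypothetical.

```shell
#!/bin/sh
# Added example: runs the article's test command against each bash binary
# given on the command line, e.g.:  sh check.sh /bin/bash /usr/local/bin/bash

# Interpret captured stdout of the test command.
# 0 = not vulnerable, 1 = vulnerable, 2 = inconclusive (test line missing).
classify_output() {
    case "$1" in
        *vulnerable*)        return 1 ;;
        *"this is a test"*)  return 0 ;;
        *)                   return 2 ;;
    esac
}

# Run the article's test against one bash binary (default: bash on PATH).
check_shellshock() {
    bash_bin=${1:-bash}
    command -v "$bash_bin" >/dev/null 2>&1 || return 2
    # stderr is discarded: some patched builds print a warning there
    # when they refuse to import the function definition.
    out=$(env x='() { :;}; echo vulnerable' "$bash_bin" -c "echo this is a test" 2>/dev/null) || true
    classify_output "$out"
}

# Report on every binary given; return the worst status seen.
audit() {
    worst=0
    for b in "$@"; do
        rc=0
        check_shellshock "$b" || rc=$?
        case $rc in
            0) echo "$b: not vulnerable" ;;
            1) echo "$b: VULNERABLE, update the bash package" ;;
            *) echo "$b: inconclusive (not found or did not run)" ;;
        esac
        if [ "$rc" -gt "$worst" ]; then worst=$rc; fi
    done
    return "$worst"
}

if [ "$#" -gt 0 ]; then
    audit "$@"
else
    echo "usage: $0 /path/to/bash [...]" >&2
fi
```

The exit status of the script is the worst result across all binaries checked, so it can gate a patch-verification job.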

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

Additional Information

More Reference Material

CVE-2014-6271 on the NIST website

Affected Products

Dell Encryption
Article Properties
Article Number: 000129498
Article Type: Solution
Last Modified: 13 Sep 2023
Version: 9