Bash "Shell Shock Vulnerability" in the Dell Data Protection Virtual Edition

Summary: This article provides information about the Shell Shock Bash Bug (CVE-2014-6271) security vulnerability and how it affects the Dell Data Protection | Virtual Edition software.


Symptom

Affected Products:

  • Dell Data Protection | Virtual Edition

Affected Versions:

  • v9.2 and Earlier

Test for this vulnerability by running the following command from a bash shell prompt:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If the word vulnerable appears in the output, then the machine is vulnerable to the exploit.

Even with the vulnerability, an attacker must be able to access a specific port on the VE server to use the exploit.

It is a best practice that the Dell Data Protection | Virtual Edition server not be Internet facing; use the proxy services for Internet-facing requirements instead.

If Dell Data Protection | Virtual Edition is not Internet facing, the Shell Shock issue cannot be exploited from outside the organization.

Cause

Older versions of Dell Data Protection | Virtual Edition are susceptible to an exploit in the bash shell described in Ubuntu Security Notice USN-2362-1, commonly referenced as the Shell Shock Vulnerability.

Issue Parameters:

  • The Dell Data Protection | Virtual Edition console and SSH server use the bash shell, which can be exploited by passing trailing code to a bash shell and gaining unauthorized access to the command environment.
  • This vulnerability is not present in the Dell Data Protection | Encryption Pre-Boot Authentication (PBA) software, such as Self-Encrypting Drive (SED) management, or in the Hardware Encryption Accelerator (HCA) used for authenticating clients.

Resolution

The issue has been resolved in Dell Data Protection | Virtual Edition v9.3 and later.

To correct this issue:

  1. Open the Virtual Edition remote desktop console.
  2. Choose the Launch Shell option from the Main Menu and follow these steps:
  3. Type the command: su ddpsupport
  4. Press the Enter key.
  5. When prompted, enter the password set for the ddpsupport user.
  6. There is an update prompt that starts with ddpsupport@.
  7. Type the command: sudo apt-get update
    • This command contacts the Ubuntu update servers using the Internet and requests the relevant updates required.
  8. Type the command: sudo apt-get install bash

After the update is complete, confirm that the update resolved the vulnerability by testing again.

Note: Confirm that the word vulnerable is not in the output of the command: env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
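
A scripted form of the article's test, as an added example that is not part of the original Dell article: it runs the same probe in an empty environment against a given shell binary and reports vulnerable, patched, or missing, so the result can be checked before and after the update. The function name check_bash and the marker string are chosen for this example.

```shell
#!/bin/sh
# Added example: wraps the article's CVE-2014-6271 test in a reusable check.
# check_bash and SS_MARKER are names chosen for this example.

SS_MARKER="shellshock-probe-$$"   # unique string so unrelated output cannot match

# check_bash <path-to-shell>
# Prints one of: vulnerable | patched | missing
# Returns 0 if patched, 1 if vulnerable, 2 if the shell could not be tested.
check_bash() {
    ss_shell=$1
    if [ ! -x "$ss_shell" ]; then
        echo missing
        return 2
    fi
    # env -i starts from an empty environment, so only the probe variable x
    # is passed. A vulnerable bash imports x as a function definition and
    # also runs the command that trails the function body.
    ss_out=$(env -i x="() { :;}; echo $SS_MARKER" "$ss_shell" -c 'echo probe-done' 2>/dev/null)
    case "$ss_out" in
        *"$SS_MARKER"*) echo vulnerable; return 1 ;;
        *probe-done*)   echo patched;    return 0 ;;
        *)              echo missing;    return 2 ;;  # probe did not run
    esac
}

# When called with arguments, check each path given, for example:
#   sh check_bash.sh /bin/bash /usr/local/bin/bash
if [ "$#" -gt 0 ]; then
    for ss_path in "$@"; do
        printf '%s: %s\n' "$ss_path" "$(check_bash "$ss_path")"
    done
fi
```

Run it once before `sudo apt-get install bash` and once after; the second run should report patched for every bash binary on the server.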

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

Additional Information

More Reference Material

CVE-2014-6271 on the NIST website

Affected Products

Dell Encryption
Article Properties
Article Number: 000129498
Article Type: Solution
Last Modified: 13 Sep 2023
Version: 9