Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2647
Views
0
Helpful
1
Replies

VCS Shellshock vulnerability

Graeme Kay
Level 1
Level 1

‎09-25-2014 07:59 AM - edited ‎03-18-2019 03:27 AM

Hi All,

We have been informed of a new vulnerability on Linux / Unix systems. We have tried a command ( which is purely anecdotal at this stage ) that apparently proves whether a particular Linux or Unix system is vulnerable.

This appears to show the VCS ( x8.1.1 test ) as being vulnerable: 

~ # env X="() { :;} ; echo Shellshock" `which bash` -c "echo completed"
Shellshock
completed

The idea behind the test is that if you receive an echo of whatever you put in place of Shellshock it means that the device is vulnerable. This may be incorrect but can we get security update from Cisco as to whether the VCS is vulnerable.

Kind regards,
GK 

1 person had this problem
Labels:
0 Helpful
1 Reply 1

Jens Didriksen
Level 9
Level 9

‎09-25-2014 02:24 PM

https://supportforums.cisco.com/discussion/12310356/new-bash-shell-shock-security-bug-bigger-heartbleed

Please rate replies and mark question(s) as "answered" if applicable.
0 Helpful
Customers Also Viewed These Support Documents