Is Palo vulnerable to the shell shock Linux bug?

Reply
L2 Linker

Is Palo vulnerable to the shell shock Linux bug?

Is Palo vulnerable to the shell shock Linux bug?

http://www.theregister.co.uk/2014/09/24/bash_shell_vuln/

L6 Presenter

Re: Is Palo vulnerable to the shell shock Linux bug?

I also wonder if it is or not

There are some fixes and tests on the web for linux and macos but we don't have root access to test :smileyhappy:

L0 Member

Re: Is Palo vulnerable to the shell shock Linux bug?

I believe the latest emergency content update addresses this:

Application and Threat Content Release Notes

Version 457

Notes: Earlier today, Wednesday, September 24th, Palo Alto Networks became aware of a remote code execution vulnerability in the Bash shell utility. This vulnerability is CVE-2014-6271 and allows for remote code execution through multiple vectors due to the way Bash is often used on linux systems for processing commands. Additional information can be found here: http://seclists.org/oss-sec/2014/q3/650

To address this vulnerability, Palo Alto Networks has released an emergency content update that provides detection of attempted exploitation of CVE-2014-6271 with IPS vulnerability Signature ID: 36729 "Bash Remote Code Execution Vulnerability" with Critical severity and default action of "Alert." Palo Alto Networks customers with a Threat Prevention subscription are advised to verify that they are running the latest content version on their devices. If you have any questions about coverage for this advisory, please contact Support.

New Vulnerability Signatures (1)

SeverityIDAttack NameCVE IDVendor IDDefault ActionMinimum PAN-OS Version
critical36729Bash Remote Code Execution VulnerabilityCVE-2014-6271alert4.0.0
L7 Applicator

Re: Is Palo vulnerable to the shell shock Linux bug?

Hello Smi12,

Content update 457-2377 with coverage for CVE-2014-6271 Signature ID: 36729 "Bash Remote Code Execution Vulnerability" has been released . Please update the PAN firewall with latest Application and Threat database.


Thanks

L7 Applicator

Re: Is Palo vulnerable to the shell shock Linux bug?

FYI..

emergency-content-release.jpg

Thanks

L4 Transporter

Re: Is Palo vulnerable to the shell shock Linux bug?

Good to know that there is a signature for it, but it doesn't answer the question if the OS itself is vulnerable of not

Kind regards,

Bob

Highlighted
L3 Networker

Re: Is Palo vulnerable to the shell shock Linux bug?

I agree with bdeschut...What's the story with that?

L6 Presenter

Re: Is Palo vulnerable to the shell shock Linux bug?

yes that was the real question I think

L2 Linker

Re: Is Palo vulnerable to the shell shock Linux bug?

Still trying to work out if the Linux based PAN-OS including that used by Panorama is vulnerable to this also?  any thoughts HULK or  mrsoldner ?

L3 Networker

Re: Is Palo vulnerable to the shell shock Linux bug?

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!