FYI... Palo Alto Networks intends to release an emergency content IPS coverage for CVE-2014-7169 within the next 24 hours Bash Shell remote code execution - CVE-2014-6271 vulnerability information Wednesday, September 24th, Palo Alto Networks became aware of a remote code execution vulnerability in the Bash shell utility, CVE-2014-6271. The vulnerability allows for remote code execution through multiple vectors due to the way Bash is often used on linux systems for processing commands. IPS Signature Mitigation CVE-2014-6271: Palo Alto Networks has released an emergency content update the same day, on September 24th, that provides detection of attempted exploitation of CVE-2014-6271 with IPS vulnerability Signature ID: 36729 "Bash Remote Code Execution Vulnerability" with Critical severity and default action of "Alert." Palo Alto Networks customers with a Threat Prevention subscription are advised to verify that they are running the latest content version on their devices. If you have any questions about coverage for this advisory, please contact Support. Product Vulnerabilities: The Bash vulnerability currently appears to be a low severity issue as it only could be exploited by authenticated administrators. Normal PAN-OS maintenance release updates will provide a fix for the vulnerability. We will continue to update you as additional information is available.
... View more
.png "Satish"){kind=avatar}
