Bash Vulnerability

alb293 · #1 09-25-2014, 06:52 AM

http://arstechnica.com/security/2014...ith-nix-in-it/

It looks like a lot of Avaya servers are vulnerable right now, since CentOS and Redhat are affected.

jaytarbox · #2 09-26-2014, 08:22 AM

And, Avaya hasn't said a word that I can find yet. I had customers asking about it only a few hours after the news broke.

tkbinpdx · #3 09-26-2014, 11:28 AM

https://support.avaya.com/tools/secu...sory?year=2014

rbrookes · #4 09-26-2014, 02:39 PM

Shellshock/Bash impact update for Avaya products
Avaya’s Product Security Team is aware of the Shellshock security issue and is working aggressively with product teams across our portfolio to assess any possible impact and identify a mitigation plan as appropriate. An Avaya Security Advisory (ASA) will be published later today, Friday 26 September at approximately 7pm ET. The Product Security team will continue to report findings as they become available.

Please visit the following link on the Avaya Support Website for the latest information on this topic. All ASAs for Shellshock will be posted to this site.

Avaya Support Website – Shellshock/Bash Impact for Avaya Products - https://support.avaya.com/helpcenter...26131554370002

darrenspain · #5 09-29-2014, 07:08 AM

hi
are avaya telling the customers to wait until they have included updates in patchs / security updates or are avaya telling customers to go ahead and use the updates from the RedHat site ?

I have read the bulletin from Avaya but it is not clear to me what is the recommended course of action ?

Thanks
Darren

jaytarbox · #6 09-30-2014, 07:15 AM

You should wait, most of the products you wouldn't have the rights to install the needed patch anyway.

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Switch to Linear Mode Hybrid Mode Switch to Threaded Mode