10-01-2014 09:37 PM
Will NBU appliances be at risk on bashbug?..... What could be preventive actions to be taken to protect it.
Although appliances have been hardened by SCSP and has restricted privileges, are there chances it might get affected?
http://www.symantec.com/connect/blogs/shellshock-all-you-need-know-about-bash-bug-vulnerability?inid=us_ghp_hero3_bashbug
10-01-2014 10:01 PM
Check the note
http://www.symantec.com/docs/TECH224948
10-02-2014 03:26 AM
All fine(ish) if you are at 2.6.0.2 or above, affected if earlier .. fully fixed at the next release
10-02-2014 11:38 AM
Hello,
Please watch and subscribe toTECH224948. This is Symantec's statment for the Shell Shock or bash bug "CVE-2014-6271" and newer "CVE-2014-7169" on NetBackup and NetBackup Appliances.
Here are the versions with impact:
Component |
Version |
Impact? |
NetBackup |
7.6 / 7.6.0.1 |
No |
NetBackup |
Versions prior to 7.6 |
No |
NetBackup (52xx) Appliances |
2.6.0.2 and higher |
Yes; minimal |
NetBackup (52xx) Appliances |
Versions prior to 2.6.0.2 |
Yes |
Deduplication (50xx) Appliances |
1.4.4 |
Yes |
A tentative date of October 3, 2014 has been set for when an Emergency Engineering Binary (EEB) will be made available for the potentially impacted components.
10-03-2014 10:59 AM
Sorry guys, looks like some newer issues which ALSO need to get addressed will necessitate us pushing our tentative date for a hotfix release back a week to October 10. Hopefully we will get the TechNote updated to reflect this later today when we have a little more information.