Looks like we are waiting for word from Netapp on this one:
netapp% uname -a
Data ONTAP xxxxxxx 8.2.1 Data ONTAP Release 8.2.1 amd64
netapp% Wed Sep 24 15:00:00 EDT [bosnamail20:kern.uptime.filer:info]: 3:00pm up 41 days, 39 mins, 603179098 NFS ops, 0 CIFS ops, 0 HTTP ops, 0 FCP ops, 0 iSCSI ops
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
vulnerable
this is a test
netapp%
bash --version
GNU bash, version 3.2.48(1)-release (x86_64-pc-freebsd)
Copyright (C) 2007 Free Software Foundation, Inc.
I doubt there are many vectors that this vuln would work, but still a little concerning.
How do you get to this prompt? Is this cmode or 7mode?
TIA, Fred
________________________________
From: Douglas Siggins siggins@gmail.com
To: "toasters@teaparty.net" toasters@teaparty.net
Sent: Wednesday, September 24, 2014 3:03 PM
Subject: CVE-2014-6271: remote code execution through bash
Looks like we are waiting for word from Netapp on this one:
netapp% uname -a
Data ONTAP xxxxxxx 8.2.1 Data ONTAP Release 8.2.1 amd64
netapp% Wed Sep 24 15:00:00 EDT [bosnamail20:kern.uptime.filer:info]: 3:00pm up 41 days, 39 mins, 603179098 NFS ops, 0 CIFS ops, 0 HTTP ops, 0 FCP ops, 0 iSCSI ops
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
vulnerable
this is a test
netapp%
bash --version
GNU bash, version 3.2.48(1)-release (x86_64-pc-freebsd)
Copyright (C) 2007 Free Software Foundation, Inc.
I doubt there are many vectors that this vuln would work, but still a little concerning.
_______________________________________________
Toasters mailing list
Toasters@teaparty.net
http://www.teaparty.net/mailman/listinfo/toasters
That's systemshell available on clustered ontap and probably 7 mode.
It's a diag level BSD shell
From: toasters-bounces@teaparty.net [mailto:toasters-bounces@teaparty.net] On Behalf Of Fred Grieco
Sent: Friday, 26 September 2014 2:20 a.m.
To: Douglas Siggins; toasters@teaparty.net
Subject: Re: CVE-2014-6271: remote code execution through bash
How do you get to this prompt? Is this cmode or 7mode?
TIA, Fred
Here is the official response from NetApp in case anybody is interested: https://library.netapp.com/ecm/ecm_get_file/ECMP1655016
Dan
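Added example, not part of the original thread and not NetApp's or any poster's code: the env test from the first message, wrapped in a POSIX shell script that runs it with a clean environment against each bash binary it finds. The function names, the marker string and the list of candidate paths are assumptions of this example.

```shell
#!/bin/sh
# Added example: names, marker and candidate paths are this example's own.

# check_bash PATH: prints "vulnerable", "not-vulnerable" or "missing";
# returns 0 if vulnerable, 1 if not, 2 if PATH is not an executable file.
check_bash() {
    shell=$1
    [ -x "$shell" ] || { echo missing; return 2; }
    marker="CVE_2014_6271_$$"
    # env -i starts from an empty environment, so x is the only variable the
    # shell imports. An affected bash runs the command that trails the
    # function body while importing x, so the marker shows up in the output.
    out=$(env -i x="() { :;}; echo $marker" "$shell" -c 'echo done' 2>/dev/null)
    case $out in
        *"$marker"*) echo vulnerable; return 0 ;;
        *)           echo not-vulnerable; return 1 ;;
    esac
}

# list_bash_candidates: bash paths named in /etc/shells plus common install
# locations, de-duplicated (FreeBSD ports install bash under /usr/local/bin).
list_bash_candidates() {
    {
        grep -E '^/.*/bash$' /etc/shells 2>/dev/null || true
        printf '%s\n' /bin/bash /usr/bin/bash /usr/local/bin/bash
    } | sort -u
}

# report: one tab-separated line per installed bash: path, status, version.
report() {
    list_bash_candidates | while read -r b; do
        [ -x "$b" ] || continue
        ver=$("$b" --version 2>/dev/null | head -n 1)
        printf '%s\t%s\t%s\n' "$b" "$(check_bash "$b")" "$ver"
    done
}

report
```

A bash that still prints "vulnerable" here needs the vendor's fixed build; the version string alone does not tell you, because distributions backported the fix without changing the upstream version number.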