Bash or the Bourne again shell has vulnerabilities in the way it handles environment variables when it is invoked. Under some scenarios, network based remote attackers can inject shell script that can be executed on a system. This is also known as "ShellShock".

MT-C has released a fix for all the version of its products affected by this Shellshock bug:

  • FS5193 Gateway for ETERNUS CS
    • version 1.40 build 001
    • version 2.00 build 001
    • version 2.00 build 002
    • version 2.00 build 003
  • LMS/5180 Manager for FC VTL and TL
    • version 2.10 build 001

For more details click here: 20140110 Security Bulleting - ShellShockPatch.pdf

Published by

Adrien Palumbo

01 October 2014