[Freeswitch-users] Bash ShellShock vulnerability
Chris Young
Chris.Young at enghouse.com
Wed Oct 1 16:32:01 MSD 2014
Great, thanks for the confirmation.
From: freeswitch-users-bounces at lists.freeswitch.org [mailto:freeswitch-users-bounces at lists.freeswitch.org] On Behalf Of Regis M
Sent: 01 October 2014 12:52
To: FreeSWITCH Users Help
Subject: Re: [Freeswitch-users] Bash ShellShock vulnerability
Freeswitch will not be affected when running on system with patched bash.
If freeswitch runs on system affected, with somewhere in a script a call to command "System" that use user's variable (passed by web, or cli, or anywhere else), you're hit. If you're system use a patched bash, you're safe.
Regards
2014-10-01 12:03 GMT+02:00 Chris Young <Chris.Young at enghouse.com<mailto:Chris.Young at enghouse.com>>:
Hi all,
This should be a nice easy one - could somebody please confirm for me that FreeSWITCH 1.4.x is not affected by the Bash ShellShock vulnerability. I'm sure this is the case but we have some partners who are concerned about it and would like some reassurance.
Many thanks,
Chris
_________________________________________________________________________
Professional FreeSWITCH Consulting Services:
consulting at freeswitch.org<mailto:consulting at freeswitch.org>
http://www.freeswitchsolutions.com
Official FreeSWITCH Sites
http://www.freeswitch.org
http://confluence.freeswitch.org
http://www.cluecon.com
FreeSWITCH-users mailing list
FreeSWITCH-users at lists.freeswitch.org<mailto:FreeSWITCH-users at lists.freeswitch.org>
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20141001/4c1f42f1/attachment-0001.html
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list