• October 31, 2020, 03:08:39 AM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?

Author Topic: Shellshock  (Read 2931 times)

0 Members and 1 Guest are viewing this topic.

Offline Dominik

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 1564
    • Networkautobahn
Shellshock
« on: September 30, 2014, 07:04:29 AM »
Hi,

here is the link to the official response from Avaya to the shellshock vulnerabilitiy.

https://support.avaya.com/helpcenter/getGenericDetails?detailId=C2014926131554370002

Cheers

Itīs always the networks fault!
networkautobahn.com


Offline Paul L

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 754
    • paulaleroux
    • Paul's Networking blog
Re: Shellshock
« Reply #1 on: October 03, 2014, 10:02:59 AM »
important to note that the only Avaya networking appliance that is affected is the old VPN router.

the rest is all software. 

No ERS or VSP or WLAN products are affected.
ACSS- Avaya Enterprise Routing Switch  #8

Offline telecom116

  • Sr. Member
  • ****
  • Posts: 217
Re: Shellshock
« Reply #2 on: October 03, 2014, 07:06:52 PM »
important to note that the only Avaya networking appliance that is affected is the old VPN router.

the rest is all software. 

No ERS or VSP or WLAN products are affected.
Hmm, from what I see here the VPN Router (formerly Contivity) are NOT affected as they run an alternate shell.

https://support.avaya.com/ext/index?page=content&id=SOLN256919

The VPN Gateway3050/3070/3090 products have a Low rating as the user account that is affecting is disabled by default.

https://downloads.avaya.com/css/P8/documents/100183045

Offline telecom116

  • Sr. Member
  • ****
  • Posts: 217
Re: Shellshock
« Reply #3 on: October 03, 2014, 07:10:43 PM »
Just received notice from Avaya - more Avaya hardware affected by the Shellshock vulnerability are items in the former Radvision video conferencing portfolio, including, but not limited to:
- Scopia Pathfinder
- Scopia Elite MCU 5000
- Scopia Elite MCU 6000