Filter by Category

What GoAnywhere customers should know about Shellshock

On September 24th, vulnerability CVE-2014-6271 and CVE-2014-7169, also known as Shellshock or the Bash bug, was found in the widely-used Unix Bash shell. The vulnerability allows Bash to execute commands from environment variables unintentionally.

GoAnywhere Director, GoAnywhere Services, and GoAnywhere Gateway run on a JVM which is invoked from within a Bash shell.  While GoAnywhere is not directly affected by this bug, the GoAnywhere startup process utilizes the common JAVA_HOME and JRE_HOME environment variables during the initialization of the JVM.  It is thus possible that a compromised environment variable on a vulnerable Linux and Unix system could cause the startup and shutdown process of GoAnywhere to unintentionally execute other commands and programs.

Linoma Software [now HelpSystems] recommends that our customers who deploy GoAnywhere to Linux and UNIX servers be aware of this security bug and apply the appropriate patches as they become available from your operating system vendor.

 

 

 

Add a Comment

Allowed tags: <b><i><br>

Latest Posts


Which is Better: SFTP vs. FTPS?

September 24, 2018

How do you transfer sensitive files? Business requirements and security standards have increased in recent years across industries and continents, but many organizations have struggled to keep up.…


Tradeshow Recap: VMware 20th Anniversary, Secure File Transfers, and More at VMworld 2018

September 10, 2018

Dazzling booth displays and nerdy Star Wars swag. Informative training sessions. Demos for modern software and hardware. Drones. In-depth industry conversations. Coffee decorated with techy latte…


Are These Users on Your Organization's Security Watch List?

August 31, 2018

Does this story sound familiar? See if you share these trials in your own organization, then request the ebook to learn how to prevent six internal users from putting your network at…


Introducing GoAnywhere MFT for AWS and Azure Cloud File Transfers

August 21, 2018

Are you looking for a solution that automates the movement of files between your on-premises and cloud environments? As cloud computing platforms become more commonplace, organizations are starting…


Getting the Most Out of Your GoAnywhere MFT Trial

August 14, 2018

We know it’s crucial to get a solution up and running quickly during your evaluation period. You want to know if it works, what the benefits are, and how it will impact or improve your business…