Filter by Category

What GoAnywhere customers should know about Shellshock

On September 24th, vulnerability CVE-2014-6271 and CVE-2014-7169, also known as Shellshock or the Bash bug, was found in the widely-used Unix Bash shell. The vulnerability allows Bash to execute commands from environment variables unintentionally.

GoAnywhere Director, GoAnywhere Services, and GoAnywhere Gateway run on a JVM which is invoked from within a Bash shell.  While GoAnywhere is not directly affected by this bug, the GoAnywhere startup process utilizes the common JAVA_HOME and JRE_HOME environment variables during the initialization of the JVM.  It is thus possible that a compromised environment variable on a vulnerable Linux and Unix system could cause the startup and shutdown process of GoAnywhere to unintentionally execute other commands and programs.

Linoma Software [now HelpSystems] recommends that our customers who deploy GoAnywhere to Linux and UNIX servers be aware of this security bug and apply the appropriate patches as they become available from your operating system vendor.




Add a Comment

Allowed tags: <b><i><br>

Latest Posts

The Ultimate Guide to Investing in Secure File Transfer Software

March 13, 2018

It comes as no surprise—file transfers are a critical part of each organization’s operations. They can share anywhere from dozens to hundreds of thousands of documents with trading…

What You Need to Know to Prepare for GDPR Compliance

March 6, 2018

Now that we’ve crossed into 2018, the GDPR is only months away. Less than three months, in fact—the new EU General Data Protection Regulation becomes enforceable worldwide for any…

On the Road Again: Where to find GoAnywhere this Spring

February 28, 2018

On the road again Goin' places that I've never been Seein' things that I may never see again And I can't wait to get on the road again. Is anyone else itching to follow in Willie Nelson’s…

Marketing Service Provider Successfully Deploys GoAnywhere in the Cloud

February 22, 2018

As industry needs evolve, many organizations are looking to the cloud as a potential next step for their data requirements. For one big data, analytics, and marketing service provider, moving to a…

15 Ways to Avoid Document Chaos with Secure Forms

February 20, 2018

Vendors, employees, customers, and trading partners exchange an abundance of files every day, often by a variety of means including mail, email, telecomm apps like Skype, shared file storage like…