Filter by Category

What GoAnywhere customers should know about Shellshock

On September 24th, vulnerability CVE-2014-6271 and CVE-2014-7169, also known as Shellshock or the Bash bug, was found in the widely-used Unix Bash shell. The vulnerability allows Bash to execute commands from environment variables unintentionally.

GoAnywhere Director, GoAnywhere Services, and GoAnywhere Gateway run on a JVM which is invoked from within a Bash shell.  While GoAnywhere is not directly affected by this bug, the GoAnywhere startup process utilizes the common JAVA_HOME and JRE_HOME environment variables during the initialization of the JVM.  It is thus possible that a compromised environment variable on a vulnerable Linux and Unix system could cause the startup and shutdown process of GoAnywhere to unintentionally execute other commands and programs.

Linoma Software [now HelpSystems] recommends that our customers who deploy GoAnywhere to Linux and UNIX servers be aware of this security bug and apply the appropriate patches as they become available from your operating system vendor.

 

 

 

Add a Comment

Allowed tags: <b><i><br>

Latest Posts


What Do Industry Professionals Think of Cloud Security? Get the 2018 Guide

June 18, 2018

Whether you’re considering a public cloud deployment or already exist in some form of hybrid environment, you’re probably trying to keep a pulse on the ever-evolving topic of cloud…


Introducing GoAnywhere MFT 5.7: New Cloud Integrations and Other Features

June 15, 2018

  The latest version of our secure managed file transfer solution is live! Today GoAnywhere MFT 5.7 released with a variety of new features and updates, including brand-new Cloud Connectors,…


20 Managed File Transfer Project Ideas (Plus Survey Results)

June 6, 2018

Earlier this year, HelpSystems surveyed nearly 200 GoAnywhere MFT users to see how they use managed file transfer software in their organizations. The responses we received from our customers were…


Tradeshow Recap: Exploring Cloud File Transfer at Red Hat Summit 2018

May 21, 2018

Last week marked the first year for GoAnywhere as an exhibitor at Red Hat Summit in San Francisco. The three-day conference was a whirlwind of activity, great conversations, and opportunities to…


3 Reasons to Attend VMUG's June 7 Virtual Event

May 17, 2018

Whether you’re already using VMware to manage multiple virtual machines in one console, or you’re just getting started with datacenter virtualization, staying on top of trends, changes,…