Critical Linux Security Vulnerability Alert: Shellshock

A major security exploit has recently been identified and announced by security experts, nicknamed Shellshock. It is especially severe because it potentially allows remote users to gain complete root control over Unix, Linux, and OSX servers through an exploit in the Bash shell.

Due to the extreme severity rating of this vulnerability (10), we are informing all Pantek clients, and encourage you to check your server status immediately.

You can find out more details of this vulnerability here:

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271

This vulnerability affects versions 1.14 through 4.3 of GNU Bash.

Patches have been issued by many of the major Linux distribution vendors:

  • Red Hat Enterprise Linux (versions 4 through 7) and the Fedora distribution
  • CentOS (versions 5 through 7)
  • Ubuntu 10.04 LTS, 12.04 LTS, and 14.04 LTS
  • Debian

All Pantek Support Engineers have been advised of this issue, and trained in the appropriate response procedure. If you would like our assistance in determining if your GNU Bash has been affected, or to fix the vulnerability, please open a Support Ticket via the Pantek Portal: https://portal.pantek.com/clientarea.php

Pantek Clients who have purchased a Managed Service Plan will receive a separate notification, as management of these third-party security issues is included without incurring extra charges.

You can find more details on our Managed Service Plans here: 

http://www.pantek.com/managed