Is DLP vulnerable to the shell shock bug?

Article ID: 161227


Products

Data Loss Prevention Enforce, Data Loss Prevention

Issue/Introduction

Are any components of Data Loss Prevention vulnerable to the ShellShock bug?

Resolution

Symantec Data Loss Prevention does not ship any version of Bash (Bourne Again Shell). However, RHEL, which is a supported operating system for DLP servers, has Bash as its default shell. Check for operating system patches or updates that address the ShellShock vulnerability.

DLP has been tested to determine whether it could be used as a vector to reach the Bash version of the underlying OS. Symantec's analysis showed that DLP's input data is properly sanitized (no input data goes directly into any environment variable), so there is no reason to think DLP is vulnerable.
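To support the operating system check recommended above, the following added example (not Symantec or Broadcom code) runs a harmless local self-test against the Bash binary on a DLP server. The names `check_bash_shellshock`, `report` and the marker string are assumptions made for this example. It tests only the original environment-function parsing flaw, so the installed package version still needs to be compared against the OS vendor's advisory.

```shell
#!/bin/sh
# Added example: local, harmless self-test of a Bash binary for the ShellShock
# environment-function flaw. All names below are chosen for this example.
MARKER="SHELLSHOCK_PROBE_7f3a"   # constructed marker string, no special meaning

# Usage: check_bash_shellshock [path-to-bash]
# Prints "vulnerable", "patched" or "not-found"; returns 1, 0 or 2.
check_bash_shellshock() {
    shell_path="${1:-$(command -v bash 2>/dev/null)}"
    if [ -z "$shell_path" ] || [ ! -x "$shell_path" ]; then
        echo "not-found"
        return 2
    fi
    # An unpatched Bash parses the function definition held in $x at startup
    # and also runs the command that trails it. A patched Bash treats $x as an
    # ordinary string, so the marker never appears in the output.
    out=$(env x="() { :;}; echo $MARKER" "$shell_path" -c ':' 2>/dev/null)
    case "$out" in
        *"$MARKER"*) echo "vulnerable"; return 1 ;;
        *)           echo "patched";    return 0 ;;
    esac
}

# Report the self-test result and, on RPM-based hosts such as RHEL, the
# installed bash package so it can be compared with the vendor advisory.
report() {
    printf 'bash self-test: %s\n' "$(check_bash_shellshock "$@")"
    if command -v rpm >/dev/null 2>&1; then
        rpm -q bash 2>/dev/null || true
    fi
}

report "$@"
```

Run it on each DLP server host; pass a path as the first argument to test a Bash binary other than the one on `PATH`.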


Additional Information

Further information on ShellShock can be found at Endpoint Protection - Symantec Enterprise (broadcom.com).