ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Is DLP vulnerable to the shell shock bug?

book

Article ID: 161227

calendar_today

Updated On:

Products

Data Loss Prevention Enforce

Issue/Introduction

Are any components of Data Loss Prevention vulnerable to the ShellShock bug?

Resolution

Symantec Data Loss Prevention does not ship any version of Bash (Bourne Again Shell).  However, Linux, which is a supported operating system for DLP, has Bash as its default shell.  Please check for applicable operating system patches or updates relevant to the ShellShock vulnerability.  

DLP has been tested to see if it could potentially be used as a vector to attempt to access the underlying OS version of Bash.  Symantec’s analysis showed DLP's input data is properly "sanitized" (no input data goes directly to any environmental variable), so there is no reason to think DLP is vulnerable.

Further information on ShellShock can be found at http://www.symantec.com/connect/blogs/shellshock-all-you-need-know-about-bash-bug-vulnerability