I'm concerned about bitty box vendors like NetApp, Juniper, Cisco... -- richard
-----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Ben Scott Sent: Thursday, September 25, 2014 10:00 AM To: [email protected] Subject: Re: [NTSysADM] Major Bash Vulnerability -- ALL versions On Thu, Sep 25, 2014 at 9:35 AM, Andrew S. Baker <[email protected]> wrote: > Yes, the embedded systems are going to be the tricky ones. > Think firewalls, IPS, virtual appliances based on *nix, routers (especially > consumer ones)... The one saving grace there is that bitty boxes often don't install Bash, since Bash has a relatively large footprint[1]. They'll often go with a smaller shell, like zsh, nash, dash, etc. Of course, you can't *depend* on this without checking first. And good luck getting answers from your typical bitty box vendor. -- Ben [1] Several megabytes, which is considered large in that world. The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals® (ASPCA®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof.
