1
Shellshock (bash) and SmarterTrack
Question asked by Eddi Bento - September 29, 2014 at 9:50 AM
Answered
Hello.
 
I'm pretty sure I already know the answer to this, but in the world of security, one can never be too sure.
 
I'm specifically looking at SmarterTrack, but are any of your products vulnerable to Shellshock?  I know that they are .NET applications and when run on Windows Servers, there is no bash command, but I'm unaware of the components within ST.

4 Replies

Reply to Thread
0
Eddi Bento Replied
September 30, 2014 at 12:10 PM
Anybody? I'd like to know that SmarterTools cares about the security of its customers.
0
Marc Frega Replied
September 30, 2014 at 5:07 PM
Im not 100% sure but im 99.9% sure that it has no bash vulnerability.
0
Eddi Bento Replied
September 30, 2014 at 6:12 PM
Dude, I'm with you. It's a .NET application. Unfortunately I can't go out to my customers and be like, "Well Jim, we're pretty sure it's not an issue..."
0
Derek Curtis Replied
October 2, 2014 at 9:01 AM
Employee Post
Sorry, I missed this thread earlier.
 
As Shellshock is a security issue affecting the Unix bash shell it should have zero impact on any SmarterTools product.
 
That said, running a Windows server doesn't make you immune. We recommend using good security and privacy policies when running ANY Internet-connected server, regardless of its core operating system. ZDNet has a good FAQ on Shellshock and it does address whether Windows users are vulnerable or not. The short answer is: "probably not."
Derek Curtis
COO
SmarterTools Inc.
(877) 357-6278
www.smartertools.com

Reply to Thread