Shellshock (bash) and SmarterTrack

Question asked by Eddi Bento - 9/29/2014 at 9:50 AM

Answered

Hello.

I'm pretty sure I already know the answer to this, but in the world of security, one can never be too sure.

I'm specifically looking at SmarterTrack, but are any of your products vulnerable to Shellshock? I know that they are .NET applications and when run on Windows Servers, there is no bash command, but I'm unaware of the components within ST.

4 Replies

Reply to Thread

Eddi Bento Replied

9/30/2014 at 12:10 PM

Anybody? I'd like to know that SmarterTools cares about the security of its customers.

Marc Frega Replied

9/30/2014 at 5:07 PM

Im not 100% sure but im 99.9% sure that it has no bash vulnerability.

Eddi Bento Replied

9/30/2014 at 6:12 PM

Dude, I'm with you. It's a .NET application. Unfortunately I can't go out to my customers and be like, "Well Jim, we're pretty sure it's not an issue..."

Derek Curtis Replied

10/2/2014 at 9:01 AM

Employee Post Marked As Answer

Sorry, I missed this thread earlier.

As Shellshock is a security issue affecting the Unix bash shell it should have zero impact on any SmarterTools product.

That said, running a Windows server doesn't make you immune. We recommend using good security and privacy policies when running ANY Internet-connected server, regardless of its core operating system. ZDNet has a good FAQ on Shellshock and it does address whether Windows users are vulnerable or not. The short answer is: "probably not."

Derek Curtis COO SmarterTools Inc. (877) 357-6278 www.smartertools.com

Back to Community Threads

Please leave this box unchecked

4 Replies

Reply to Thread

Tags

Related Knowledge Base Articles