CVE-2014-6271 ShellShock Bash Exploit - Printable Version +- Yealink Forums (http://forum.yealink.com/forum) +-- Forum: IP Phone Series (/forumdisplay.php?fid=4) +--- Forum: Phone specific topic (/forumdisplay.php?fid=12) +---- Forum: T2xP Series (/forumdisplay.php?fid=21) +---- Thread: CVE-2014-6271 ShellShock Bash Exploit (/showthread.php?tid=2497) |
CVE-2014-6271 ShellShock Bash Exploit - Vanburen - 09-30-2014 05:53 PM Are the Yealink T2xP series vulnerable to the shellshock exploit? http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271 http://en.wikipedia.org/wiki/Shellshock_(software_bug) RE: CVE-2014-6271 ShellShock Bash Exploit - jolouis - 10-02-2014 12:33 AM Pretty sure Yealink is using Busybox like virtually all other embedded devices, and since it's not a bash shell (it's "sh") it's not vulnerable. Google busybox shellshock for details. RE: CVE-2014-6271 ShellShock Bash Exploit - James_Yealink - 10-09-2014 02:13 PM Hi All, Since Bash model are not applied to Yealink phones all Yealink phone models are not vulnerable to the shellshock issue. We will release an announcement later. Regards, James |