[YMCS/YDMP Free Trial Program]Yealink would like to offer Free Trial Program of Yealink device management service for our current eligible customers. You can see the details below.
https://www.yealink.com/ydmp-freetrial-2020


Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
CVE-2014-6271 ShellShock Bash Exploit
Author Message
Vanburen Offline
Junior Member
**

Posts: 8
Joined: Jul 2013
Reputation: 1
Post: #1
CVE-2014-6271 ShellShock Bash Exploit
Are the Yealink T2xP series vulnerable to the shellshock exploit?

http://web.nvd.nist.gov/view/vuln/detail...-2014-6271
http://en.wikipedia.org/wiki/Shellshock_(software_bug)
09-30-2014 05:53 PM
Find all posts by this user    like0    dislike0 Quote this message in a reply
jolouis Offline
Moderator
*****

Posts: 339
Joined: Oct 2013
Reputation: 6
Post: #2
RE: CVE-2014-6271 ShellShock Bash Exploit
Pretty sure Yealink is using Busybox like virtually all other embedded devices, and since it's not a bash shell (it's "sh") it's not vulnerable. Google busybox shellshock for details.
10-02-2014 12:33 AM
Find all posts by this user    like0    dislike0 Quote this message in a reply
James_Yealink Offline
Administrator
*******

Posts: 1,159
Joined: Aug 2014
Reputation: 8
Post: #3
RE: CVE-2014-6271 ShellShock Bash Exploit
Hi All,

Since Bash model are not applied to Yealink phones all Yealink phone models are not vulnerable to the shellshock issue.

We will release an announcement later.

Regards,
James
10-09-2014 02:13 PM
Find all posts by this user    like0    dislike0 Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us   Yealink   Return to Top   Return to Content   Lite (Archive) Mode   RSS Syndication