Trend Micro products and the Shellshock – Linux Bash Vulnerability (Bash Bug) [CVE-2014-6271 and CVE-2014-7169]

  • Updated:
    • 21 Apr 2016
  • Product/Version:
    • Advanced Reporting and Management for InterScan Web Security 1.5
    • Advanced Reporting and Management for InterScan Web Security 1.6
    • Core Protection Module 10.5
    • Core Protection Module 10.6
    • Deep Security All.All
    • Deep Security for Web Apps 2.0
    • Email Encryption Gateway 5.5
    • Endpoint Encryption 3.1 Full Disk Encrypti
    • Endpoint Encryption 5.All
    • InterScan for Cisco CSC-SSM 6.All
    • InterScan Messaging Security Suite All.All
    • InterScan Web Security as a Service All.All
    • InterScan Web Security Suite All.All
    • InterScan Web Security Virtual Appliance All.All
    • OfficeScan 10.6
    • OfficeScan 11.0
    • SafeSync for Enterprise All.All
    • ScanMail for Exchange All.All
    • ScanMail for Lotus Domino All.All
    • SecureCloud All.All
    • ServerProtect for Linux 3.0
    • Threat Discovery Appliance All.All
    • Threat Mitigator 2.0
    • Threat Mitigator 2.5
    • Worry-Free Business Security Standard/Advanced 7.0
    • Worry-Free Business Security Standard/Advanced 8.0
    • Worry-Free Business Security Standard/Advanced 9.0
  • Platform:
    • N/A N/A
Summary

What is Shellshock?

The Shellshock Vulnerability (CVE-2014-6271) is a serious vulnerability in Bash on Linux.

According to RedHat, “A flaw was found in the way Bash (aka bourne-again shell) evaluated certain specially crafted environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.”

There was an original fix published for CVE-2014-6271, but it proved to be incorrect and/or incomplete, so a second advisory was issued (CVE-2014-7169) to address this. 

Who is impacted by Shellshock?

Because some of Trend Micro’s products are designed to run on or protect Linux-based platforms, some of these products may be affected by this vulnerability. This article contains the list of products that are affected and the recommended action to take to eliminate the risks as they are identified and corrected.

External References:

 
After further investigation of this vulnerability, researchers uncovered two more bugs that affect Gnu BASH parser, 'parse.y'. For more information, refer to the following KB article: 
Details
Public

Trend Micro products that are running on Windows are not affected by the Bash Bug. Trend external servers including SaaS servers are also unaffected.

Linux, Unix, or Mac-based products that are not affected

Business ProductsVersion
AU/iAU (ActiveUpdate) 
CPM for Mac1.1, 2.0
Deep Discovery InspectorAll
Deep Security as a Service (DSaaS)All
Deep Security for Web Apps2.1
Email Encryption Gateway (TMEEG)5, 5.5
Email Reputation Service (ERS)All
Email Security Platform for Service Providers - White Label 1.0
Full Disk Encryption (TMFDE)5.0/3.1.3
Hosted Email Security1.9 and 2.0
Hosted Mobile Security1.6
HouseCall7.1/8
InterScan for Cisco CSC-SSM6.6
InterScan Messaging Security Suite (IMSS)7.0/7.1
InterScan VirusWallAll
InterScan Web Security as a Service (IWSaaS)1.9
InterScan Web Security SuiteAll
ISUX3.81
Licensing Management Portal (LMP)/Customer Licensing Portal (CLP)All
Network VirusWall Enforcer (NVWE)All
OfficescanAll
Remote Manager3.3
SafeSync for BusinessAll
ScanMail for Domino / ScanMail for IBM DominoAll
SecureCloud?3.0, 3.5, 3.6 (Cent OS)
ServerProtect for LinuxAll
Threat Discovery Appliance (TDA) / Deep Discovery Inspector (DDI)All
Threat Mitigator (TMTM)2.58,2.6, 2.6 SP1, 2.6 SP2
TMNAS 
Mobile Security for EnterpriseAll
Worry-free Business Security Services5.6
Home and Home Office ProductsVersion
JewelryBox2.0, 2.1
PlatinumAll
Safesync for ConsumerAll
SafeSync for xSP2.0 (Mac)
Security for Mac (TMSM)1.5, 1.6, 2.0
Titanium for Mac 

Linux, Unix, or Mac-based products that require updates

ProductVersionRequired Update
Advanced Reporting Module (ARM)1.5, 1.6
Data Loss Prevention Network Monitor (DLPNM)2.0
Interscan Messaging Security Virtual Appliance (IMSVA)8.0, 8.2, 8.5
Interscan Web Security Virtual Appliance (IWSVA)
5.5, 5.6, 6.0 SP1, 6.5
SafeSync for Enterprise (SSFE)
2.1
Smart Protection Server (SPS)
2.5, 2.6, 3.0
Deep Security Virtual Appliance (DSVA)
9.0

What if my product is not listed?

If the product has not reached End-of-Support, it is most likely that Trend Micro is still analyzing the vulnerability and it’s impact on your product. As soon as the analysis is completed, the product will be added in the list.

What if I have additional questions?

For additional inquiries, contact Trend Micro Technical Support.

Premium
Internal
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.