Virtuoso

Does this router run Unix? Is Shellshock/Bash in issue?

Does this device use Unix/Linux as its back end?
Is the Shellshock bug in BASH an issue with this router?

Will Netgear put out ANY security fixes for this EOL device?

Aloke
Message 1 of 9
Aspirant

Re: Does this router run Unix? Is Shellshock/Bash in issue?

alokeprasad wrote:

Is the Shellshock bug in BASH an issue with this router?


I'll answer only that one with the following; hope it helps.

http://forum1.netgear.com/showpost.php?p=483078&postcount=2
Message 2 of 9
Virtuoso

Re: Does this router run Unix? Is Shellshock/Bash in issue?

It would be nice to get some word from Netgear (press release?) that addresses this for their current and legacy products.
Message 3 of 9
Mentor

Re: Does this router run Unix? Is Shellshock/Bash in issue?

Try opening a request at my.netgear.com

Give a man a fish, feed him for a day
Teach a man to fish, feed him for life.
Message 4 of 9
Virtuoso

Re: Does this router run Unix? Is Shellshock/Bash in issue?

I did. Let's see if they respond.
Message 5 of 9
Virtuoso

Re: Does this router run Unix? Is Shellshock/Bash in issue?

Here's the response from Netgear Support: With regard to your query, this router uses Linux as its back end or is Linux based. However, NETGEAR devices are not vulnerable to Shellshock attack as the software does not use bash as a command interpreter. It is not a security issue at this time as bash cannot be remotely accessed unless you open SSH. With the shellshock attack, the attacker first breaks in over SSH and enables BASH to the Internet and by then the attacker would have access to the system. Generally, to avoid the attack do not open root SSH to the Internet.
Message 6 of 9
Aspirant

Re: Does this router run Unix? Is Shellshock/Bash in issue?

alokeprasad wrote:

With the shellshock attack, the attacker first breaks in over SSH and enables BASH to the Internet and by then the attacker would have access to the system.


That's only one possible attack vector. They can also hit any CGI page that happens to call BASH. Of course, if that page is not accessible from the outside internet (remote management not enabled) you should be generally safe.

The response I got from Netgear support was that the engineering team is investigating which models may be affected. The results are likely to come back only to the support team, so I should call back in a few days for more information on my specific model.
My case is a bit more specific because we do unusual things behind the router and need to be conscious of inside as well as outside threats.
Message 7 of 9
Aspirant

Re: Does this router run Unix? Is Shellshock/Bash in issue?

NETGEAR Support's personal response to alokeprasad, which comes to us second-hand, is not an official statement from the company. But it does tell us some useful information.

We have received confirmation that at least one model has bash installed, which must have the bug. It is reasonable to believe many models are similar.

We also know they have thought through one of the possible attack vectors and concluded that it does not represent a vulnerability.

The problem is that as long as the buggy bash is there, then we can never know that all possible attack vectors have been closed. The only complete fix is to remove or patch bash.
Message 8 of 9
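
An added example, not part of any post in this thread and not NETGEAR's code: one way to check the questions raised above (is bash present, does `sh` resolve to it, and which scripts such as CGI pages name it as their interpreter) against an unpacked firmware root filesystem. The function name `audit_rootfs` and its output labels are assumptions made for this example, and the check is name-based, so a hit should be confirmed against the actual binary.

```shell
#!/bin/sh
# audit_rootfs ROOT: report where bash appears in an unpacked root filesystem.
# Output lines (paths relative to ROOT; labels are this example's own):
#   bash-binary <path>   a file or symlink named "bash" exists
#   sh-is-bash  <path>   "sh" is a symlink whose target is bash
#   bash-script <path>   a regular file whose #! line names bash
audit_rootfs() {
    root=${1%/}
    find "$root" \( -type f -o -type l \) | LC_ALL=C sort |
    while IFS= read -r f; do
        rel=${f#"$root"/}
        case ${f##*/} in
            bash)
                echo "bash-binary $rel"
                continue ;;
            sh)
                if [ -L "$f" ]; then
                    # Compare the link text only; do not follow it, since
                    # absolute links would resolve on the analysis host.
                    case $(readlink "$f") in
                        bash|*/bash) echo "sh-is-bash $rel" ;;
                    esac
                fi
                continue ;;
        esac
        # Only inspect regular files that live inside ROOT (skip symlinks).
        if [ -f "$f" ] && [ ! -L "$f" ]; then
            # Match "#!/bin/bash", "#! /bin/bash -e", "#!/usr/bin/env bash".
            if head -n 1 "$f" 2>/dev/null |
               grep -Eq '^#![[:space:]]*[^[:space:]]*/(env[[:space:]]+)?bash([[:space:]]|$)'
            then
                echo "bash-script $rel"
            fi
        fi
    done
}

# Stand-alone use: sh audit.sh /path/to/unpacked/rootfs
if [ "$#" -gt 0 ]; then
    audit_rootfs "$1"
fi
```

An empty result means no file named bash and no bash shebang was found under that root; it says nothing about binaries that invoke a shell by other means.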
NETGEAR Employee Retired

Re: Does this router run Unix? Is Shellshock/Bash in issue?

NETGEAR public message

A new software bug called “Shellshock” has been found in the Bash command shell which is present in most Linux and UNIX systems and Apple’s Mac OS X. This vulnerability allows attackers to remotely execute malicious code on a huge number of servers across the globe. NETGEAR is pleased to report that none of our routers, switches, business wireless products, AirCard or ReadyDATA products were affected by the Shellshock bug. All NETGEAR and AirCard servers have been patched.

The following products were vulnerable and will have patches available:
FVS318N – patch available by end of October
ProSECURE UTM products – patch available week of 10/6.
ReadyNAS – patch available mid-October at support.netgear.com


NETGEAR advises all customers with products affected to update their products by downloading the new firmware (at support.netgear.com) with the patch as soon as it is available.

For more information see the NETGEAR knowledgebase article posted online at http://kb.netgear.com/app/answers/detail/a_id/25703
Message 9 of 9