Remote Code Execution Vulnerability in BASH Interpreter

#2014-1004-06
Oct 3, 2014
Background
ShellShock is a group of serious vulnerabilities in the widely used GNU Bash shell interpreter. Because Bash
ships with most Linux-based products, exposure is broad. Since the initial vulnerability was first announced and
patched, further aspects of the flaw have been discovered. These are being tracked as CVE-2014-6271,
CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, and CVE-2014-6278.
The flaw lies in how Bash parses function definitions passed to it in environment variables: a crafted variable
value can cause Bash to execute commands appended to the definition as soon as the shell starts. In certain
configurations, ShellShock may therefore allow an unauthenticated remote attacker to execute arbitrary code on
a targeted system. Of particular concern are services that place attacker-controlled request data into the
environment and then invoke Bash on the server, for example CGI scripts, which receive HTTP headers as
environment variables. In some configurations, this vulnerability could be used to install malware on a server.
Independent reports indicate that vulnerable systems are being targeted and compromised for use in botnets.
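To make the HTTP-to-Bash path concrete, the following added example (written for this advisory, not Mitel's or Aastra's code) shows how a CGI server turns request headers into environment variables and flags values that vulnerable Bash would have parsed as an exported function. The request text, host names and function names are constructed for the demonstration; vulnerable Bash keyed on a value beginning with the four bytes "() {", and that is what the detector tests.

```python
"""Trace HTTP headers into a CGI environment and flag ShellShock function-export payloads.

Added example for this advisory; all sample requests below are constructed, not captured.
"""
import re
from typing import Dict, List, Tuple

# Vulnerable Bash imported any environment variable whose value began with the
# four bytes "() {" as a function definition. CVE-2014-6271 was that parsing did
# not stop at the closing brace, so commands appended after "}" were executed.
FUNCTION_PREFIX = re.compile(r"^\(\) \{")


def parse_request(raw: str) -> Tuple[str, Dict[str, str]]:
    """Split a raw HTTP/1.x request into (request-line, header dict)."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        if not line:
            continue
        name, _, value = line.partition(":")
        headers[name.strip()] = value.strip()
    return lines[0], headers


def cgi_env_name(header: str) -> str:
    """RFC 3875 meta-variable name a CGI server exports for a request header."""
    return "HTTP_" + header.upper().replace("-", "_")


def cgi_environment(headers: Dict[str, str]) -> Dict[str, str]:
    """The environment a CGI script, and any Bash it spawns, inherits from the request."""
    return {cgi_env_name(name): value for name, value in headers.items()}


def shellshock_hits(env: Dict[str, str]) -> List[Tuple[str, str]]:
    """(variable, value) pairs that vulnerable Bash would have parsed as functions."""
    return [(k, v) for k, v in env.items() if FUNCTION_PREFIX.match(v)]


def scan(raw_request: str) -> List[str]:
    """Names of CGI variables carrying a function-export payload; empty when clean."""
    _, headers = parse_request(raw_request)
    return [name for name, _ in shellshock_hits(cgi_environment(headers))]


# Constructed sample traffic (hypothetical host, not a real system).
# The "() {" inside the benign User-Agent is not at the start, so Bash ignores it.
BENIGN = (
    "GET /cgi-bin/status HTTP/1.1\r\n"
    "Host: pbx.example\r\n"
    "User-Agent: Mozilla/5.0 (compatible; check () { not at start)\r\n\r\n"
)
# The widely published probe shape: an empty function body followed by a command.
PROBE = (
    "GET /cgi-bin/status HTTP/1.1\r\n"
    "Host: pbx.example\r\n"
    "User-Agent: () { :;}; echo vulnerable\r\n"
    "Referer: () { :; }; echo vulnerable\r\n\r\n"
)

if __name__ == "__main__":
    for label, request in (("benign", BENIGN), ("probe", PROBE)):
        print(label, scan(request))
```

The detector is a triage aid for web or proxy logs in front of an appliance, not a substitute for patching. To test a Bash binary directly, the published one-line check for CVE-2014-6271 is `env x='() { :;}; echo vulnerable' bash -c "echo this is a test"`: a patched Bash prints only "this is a test", a vulnerable one prints "vulnerable" first.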
Summary
Mitel is monitoring this rapidly evolving situation closely and is conducting a thorough investigation of its
entire product portfolio to determine which products are susceptible. This security advisory will be updated as
new information emerges and as the investigation progresses.
The following products may be vulnerable
Mitel has begun releasing patches for affected systems. Contact Mitel or Aastra support for more information
about particular products.
§ Mitel MiCollab (Audio, Web and Video Conferencing) - See Mitel KB 14-1263-00116
§ Mitel MiCollab NuPoint (Speech Auto Attendant) - See Mitel KB 14-1263-00116
§ Mitel MiCollab NuPoint (Unified Messaging) - See Mitel KB 14-1263-00116
§ Mitel NuPoint UM (Standalone)
§ Mitel MiCollab (MAS) - See Mitel KB 14-1263-00116
§ Mitel MiCollab with Voice (vUCC) - See Mitel KB 14-1263-00116
§ Mitel MiVoice Border Gateway - See Mitel KB 14-1263-00115
§ Mitel MiVoice Communications Director (ISS) - See Mitel KB 14-5191-00330 (this is not the 3300 appliance)
§ Mitel MiVoice Office (Mitel 5000)
§ Mitel Multi-Instance Communications Director (MiCD)
§ Mitel Oria - See Mitel KB 14-5127-00118
§ Mitel Virtual MiVoice Communications Director (this is not the 3300 appliance)
§ Aastra MX-ONE Telephony System - See Aastra KB 7642
§ Aastra MX-ONE Telephony Server - See Aastra KB 7642
§ Aastra 5000 Call Manager
§ Aastra 5000 Compact
§ Aastra 5000 Gateway
§ Aastra 700 - See Aastra KB 7642
§ Aastra AM7450 Management Center
§ Aastra Clearspan (Acme Packet Core SBC) - Limited exposure. Contact Clearspan support
§ Aastra Clearspan (Broadworks Platform) - Limited exposure. Contact Clearspan support
§ Aastra Clearspan (Edgewater eSBC) - Limited exposure. Contact Clearspan support
The following products are not vulnerable
§ Mitel 1000
§ Mitel 3000 Communications System
§ Mitel 3250
§ Mitel ER Advisor
§ Mitel MiCollab Client (Desktop/Web)
§ Mitel MiCollab Mobile Client (Android)
§ Mitel MiCollab Mobile Client (iOS)
§ Mitel MiContact Center Business
§ Mitel MiContact Center Enterprise
§ Mitel MiContact Center for Microsoft Lync
§ Mitel MiContact Center Office
§ Mitel MiContact Center Outbound
§ Mitel Virtualization Framework
§ Mitel MiVoice 5603/5604/5606/5607 IP DECT phones (Ascom OEM)
§ Mitel MiVoice 5624 WiFi Phone (Ascom OEM)
§ Mitel MiVoice Business Dashboard (CSM)
§ Mitel MiVoice Call Accounting
§ Mitel MiVoice Communications Director (3300)
§ Mitel MiVoice Conference Unit (UC360)
§ Mitel MiVoice Digital Phones 8528, 8568
§ Mitel MiVoice Enterprise Manager
§ Mitel MiVoice for Lync
§ Mitel MiVoice HTML Application
§ Mitel MiVoice IP Phones 53xx, 5560, 5540, 5505
§ Mitel MiVoice Video Unit (UC360)
§ Mitel SX-200IP ICP
§ Mitel 5603/5604/5607/5624 Rack Charger (Ascom OEM)
§ Mitel 5603/5604/5607 Programmer (Ascom OEM)
§ Mitel MiVoice IP DECT Base Station (Ascom OEM)
§ Aastra MX-ONE Manager Provisioning
§ Aastra MX-ONE Manager Telephony System
§ Aastra MX-ONE Manager System Performance
§ Aastra MX-ONE Manager Availability
§ Aastra 2380ip
§ Aastra 400
§ Aastra 5300 series
§ Aastra 6700i, 6800i (Praxis) Series SIP Phones
§ Aastra 9000i Series (9480i, 9143i, 9133i, 9112i) SIP Phones
§ Aastra 74XXip (H323 terminal family)
§ Aastra 800 (or A800)
§ Aastra A1023i
§ Aastra Alarmserver
§ Aastra BluStar Client
§ Aastra BluStar Server
§ Aastra BluStar Web
§ Aastra Clearspan (AudioCodes eSBC / Gateway)
§ Aastra Centergy Virtual Contact Center
§ Aastra CMG
§ Aastra D.N.A. Application Suite
§ Aastra DECT handset programming units
§ Aastra Dialog 5446ip, 4XXXip (H323 terminal family)
§ Aastra DT390, DT690 and CPDM 3 (DECT)
§ Aastra DT413, DT423, DT433
§ Aastra InAttend
§ Aastra IPBS 433/434/430/440
§ Aastra Open Interfaces Platform
§ Aastra OpenCom 1000 family (OC1000, OC1010)
§ Aastra OpenCom 100
§ Aastra OpenCom 130
§ Aastra OpenCom 150
§ Aastra OpenCom 510
§ Aastra OpenCom x320
§ Aastra PointSpan
§ Aastra Redirection and Configuration Service (RCS)
§ Aastra SIP DECT
§ Aastra Open Mobility Manager (SIP DECT)
§ Aastra OpenMobility (RFP32/35/36/37/42/43)
§ Aastra OpenPhone 7x IP
§ Aastra Solidus eCare 7.0 SP8
§ Aastra Solidus eCare 8.2 SP1
§ Aastra TA7102i
§ Aastra TA7104i
The following products are under investigation
§ Mitel MiContact Center Live
§ Mitel MiVoice 5610 DECT Handset and IP DECT Stand
§ Mitel MiVoice Communications Director (Stratus)
§ Mitel MiVoice MXe Server
§ Mitel Standard Linux
§ Mitel WSM, WSM-3 (Ascom OEM)
§ Mitel OIG
§ Aastra 340w and 342w
§ Aastra AMCC (Aastra Mobile Clients & Controller)
§ Aastra BluStar 8000i
§ Aastra IP-DECT for OC1000 family
§ Aastra OneBox FaxMail
§ Aastra OneBox VoiceMail
§ Aastra Open Messaging
§ Aastra Rack Charger for DT390, 69x, 4x3
§ Aastra RightFax
§ Aastra S850i (Revolabs OEM)
§ Aastra SIP DECT Lite
§ Aastra Telephony Switch (TSW)