Incapsula WAF Patched to Protect Against “Shellshock” Vulnerability (CVE-2014-6271 and CVE-2014-7169)

Incapsula WAF Patched to Protect Against “Shellshock” Vulnerability (CVE-2014-6271 and CVE-2014-7169)

Yesterday, a security researcher released the details of a major security vulnerability in Bash, a.k.a. Bourne-Again Shell, a popular software utility.

The vulnerability, known as Shellshock, will be a serious problem for many Linux, Unix, and Mac OS X users.

In order to protect our customers from being affected by Shellshock, Incapsula has proactively updated its Web Application Firewall (WAF) rules to block the vulnerability.

The newly implemented security Incapsula rules work in multiple stages to ensure that Shellshock cannot be exploited on systems protected by the Incapsula WAF.

As a best practice, administrators of any systems running Bash should patch their systems as soon as patches for their distributions are available, even if those systems are already protected by Incapsula. Mjor Linux distributions such as Redhat, have already released patches.

Some vendors and third parties have already gone as far as creating simple diagnostic tools which can be run after patching to make sure that the vulnerability is closed and unexploitable on your system.

Technical details for Shellshock and affected versions for this vulnerability can be found in the National Vulnerability Database using the ID’s CVE-2014-6271 and CVE-2014-7169.

We are working on a detailed analysis of the Shellshock vulnerability which will be posted as a follow up to this post.