| Thread Tools |
3rd October 2014, 07:56 | #1 |
[M] Reviewer Join Date: May 2010 Location: Romania
Posts: 148,802
| QNAP Releases Qfix 1.0.1 to Path GNU Bash Vulnerability QNAP Systems, Inc. today released the Qfix 1.0.1 patch for its Turbo NAS lineup to address the GNU Bash Environment Variable Command Injection Vulnerability (CVE-2014-6271, CVE-2014-7169, CVE-2014-6277, CVE-2014-6278, CVE-2014-7186, and CVE-2014-7187), also known as "Shellshock," that can allow attackers to gain remote control over UNIX/Linux-based systems. QNAP has previously released QTS version 4.1.1 Build 0927 to resolve CVE-2014-6271 and CVE-2014-7169. With Qfix 1.0.1 more vulnerabilities including CVE-2014-6277, CVE-2014-6278, CVE-2014-7186, and CVE-2014-7187 are now resolved. Users are strongly urged to immediately install Qfix 1.0.1 on their Turbo NAS. http://www.techpowerup.com/205929/qn...erability.html |
Thread Tools | |
| |