GroupWise vulnerability with GNU Bash Remote Code Execution (aka ShellShock)

  • 7015719
  • 30-Sep-2014
  • 02-Oct-2014

Environment

Novell GroupWise 6.5
Novell GroupWise 7
Novell GroupWise 8
Novell GroupWise 2012
Novell GroupWise 2014

Situation

Novell GroupWise includes an entitlement to SLES and it is SLES that is affected by the GNU Bash Remote Code Execution vulnerability(also known as ShellShock or Bash Bug) and the Mozilla Network Security Services (NSS) vulnerability.
Any installation of Novell GroupWise running on OES or SLES may be affected as detailed in the following Common Vulnerabilities and Exposures (CVE) identifiers:

Further information regarding these security issues can be found here:

Resolution

All updates and patches are available through the SLES support channel.  Current status regarding these vulnerabilities are published here:
https://support.microfocus.com/kb/doc.php?id=7015702

Additional Information

This vulnerability does not effect any GroupWise components running on a Windows Operating System.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.