Technical Bulletin: Shellshock

Technical Bulletin: Raritan Products are NOT vulnerable to Shellshock (Bash) Bug

Raritan products are NOT vulnerable to the new Shellshock (Bash) bug that causes Bash to execute commands from environment variables. This includes vulnerabilities such as:

  • SSH Attacks
  • DHCP attacks
  • Email attacks
  • Offline attacks
  • Restricted shell attacks

Please note the following about Raritan products:

  • Dominion KX3, Dominion KX2, Dominion SX and KSX2, Dominion KX2-101-V2, and Dominion LX do not use Bash so they are NOT vulnerable.
  • PX-*, BCM-*, PX2-*, PX3-*, PXE-*, SCH-*, PX3TS-* do not use BASH so they are NOT vulnerable.
  • CC-SG, and dcTrack use a version of Bash reported in CVE, however they do not use methods that can be exploited as listed CVE IDs. They are NOT vulnerable. 
  • PowerIQ does not use CGI scripts which would allow environment variables to be set by the web server and executed via the bash shell, therefore it is NOT vulnerable.

Learn more about this vulnerability: