Search the VMware Knowledge Base (KB)
View by Article ID

VMware Data Recovery 2.0.4 Express Patch Release (2091015)

  • 0 Ratings

Details

Release date: October 01, 2014

Build: 2171775

This patch updates Bash libraries in VMware Data Recovery to resolve multiple critical security issues. The vulnerability is also referred to as Shellshock. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifiers CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, and CVE-2014-7187 to these issues.

VMware Data Recovery might use the Bash shell which is part of the Linux operating system. In case the operating system has a vulnerable version of Bash, the Bash security vulnerability might be exploited through VMware Data Recovery.

Solution

VMware Data Recovery 2.0.4 resolves the Bash shell vulnerability.

If you are running VMware Data Recovery 2.0.x, upgrade to VMware Data Recovery 2.0.4. See Upgrading Data Recovery in the Upgrading to Data Recovery 2.0.4 section of the VMware Data Recovery 2.0.4 Release Notes for instructions about updating VMware Data Recovery.

Note: Applications installed on Windows are not affected. Applications installed on a Linux operating system that is not part of a virtual appliance might be at risk. Contact the vendor of your Linux-based operating system for advice and patches.

Additional Information

For translated versions of this article, see:

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 0 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.

What can we do to improve this information? (4000 or fewer characters)




Please enter the Captcha code before clicking Submit.
  • 0 Ratings
Actions
KB: