Xceedium Enhances Xsuite with Real-Time Shellshock Vulnerability Detection

New Capability Extends Privileged Account Security Protection for Large Enterprises Running UNIX

HERNDON, Va.--()--Xceedium®, Inc., the premier provider of privileged identity management for enterprise environments, today announced that its flagship product, Xsuite®, now has the capability to alert privileged users of servers susceptible to the Shellshock vulnerability.

At login time, Xsuite can now dynamically perform a panel of tests to determine if a server or other asset has been patched to address the vulnerability within the Bash shell. A warning can be delivered to the user, and its discovery logged, in the event an unpatched system is found. Privileged users can then determine whether to proceed to use a potentially compromised device or to log out and arrange for remediation. Log messages can be funneled to a security information and event management (SIEM) or log management system in real-time, to help drive or complement the vulnerability remediation process.

“Given the pervasiveness of the Shellshock vulnerability, it’s expected patching and remediation efforts may take some time to complete, particularly in large-scale cloud and virtualized environments,” noted Mordecai (Mo) Rosen, Chief Operating Officer of Xceedium. “The sensitive nature of privileged users’ activities demands a high degree of confidence in the integrity of systems—and this inline vulnerability check provides those users with a real-time check on the status of the systems they’re responsible for maintaining and operating.”

Privileged users, and their credentials, continue to be targeted by attackers in an ongoing series of high-profile security breaches. Xceedium’s Xsuite introduces a new layer of security that protects privileged accounts and credentials, and defends privileged access from exploit and compromise.

Shellshock Bash Vulnerability Details

Bash is a command language interpreter (or “shell”) for the GNU Operating System, and is the default shell for Linux and Mac OS X operating systems. It was written by Brian Fox for the GNU Project as a free software replacement for the Bourne Shell used in Unix. The Bash name is an acronym for ‘Bourne-Again SHell’, a pun on Stephen Bourne, the author of the direct ancestor of the current Unix shell sh, which appeared in the Seventh Edition Bell Labs Research version of Unix.

A flaw was discovered by Red Hat Security Researchers in the way Bash evaluated certain specially crafted environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue. This vulnerability was identified as CVE-2014-6271.

The original remediation for 6271 was not complete, and still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands.

Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue. As a result, CVE-2014-7169 was created to address these remaining vectors. CVE-2014-6271 is considered to be more severe than CVE-2014-7169, per RedHat, the team that discovered the original Bash vulnerability.

About Xsuite

Xsuite, unlike other products, is specifically designed and purpose-built to satisfy the demanding privileged identity management requirements of enterprise information technology infrastructure. Today’s enterprise IT–comprising an organization’s entire computing fabric from traditional on-premise network equipment and servers, to virtual and public cloud based infrastructure–brings with it demanding new challenges for privileged identity management. Traditional, first generation solutions are ill-equipped to address these needs:

  • Comprehensive Functionality – Xsuite delivers comprehensive functionality, including password and SSH access key management, strong authentication integrated with multi-factor security technologies, access control, user monitoring and recording, and proactive policy enforcement.
  • Single Platform for Enterprise and Cloud – Xsuite enables a single set of policies across the entire cloud and traditional data center, ensuring consistent standards, easier compliance reporting, and reduced administrative overhead.
  • Architected for Scale and Dynamism – Tight integration with Amazon Web Services and VMware vSphere and NSX enable Xsuite to automatically identify resources as they’re created, and automatically apply and enforce security policies. Xsuite’s automated protections reduce “mean time to protection” to fractions of a second. Xsuite also delivers the built-in reliability and availability services, like clustering, which enterprise IT demands.
  • Protection of the Extended Management Plane – Xsuite has worked extensively with both AWS and VMware to deliver tight, API-level integration and protections.

About Xceedium

Xceedium is the leading provider of privileged identity management solutions for hybrid-cloud enterprises. Large companies and global government agencies use Xceedium products to reduce the risks privileged users and unprotected credentials pose to systems and data. The company’s Xsuite platform enables customers to implement a zero trust security model. It vaults privileged account credentials, implements role-based access controls, and monitors and records privileged user sessions. With unified policy management, Xsuite enables the seamless administration of security controls across systems, whether they reside in a traditional data center, a private cloud, on public cloud infrastructure, or a combination of environments.

Xceedium’s solutions enable organizations to comply with security and privacy mandates, such as PCI DSS, FISMA, HIPAA, and NERC CIP. The company’s products provide industry-leading reliability, availability, and scalability, and they are the most highly certified products in the market, with designations including FIPS 140-2 validation, Common Criteria EAL4+ certification, and inclusion on the U.S. DOD Unified Command Approved Products List (UC/APL). For more information, please visit www.xceedium.com.

Xceedium and Xsuite are registered trademarks of Xceedium, Inc. All other trademarks, trade names, or service marks are the property of their respective owners.

Contacts

Sage Communications (for Xceedium)
Heather Dratler, 703-533-1619
hdratler@aboutsage.com

Contacts

Sage Communications (for Xceedium)
Heather Dratler, 703-533-1619
hdratler@aboutsage.com