Freak - Shellshock and Ghost vulnerabilities - c06234555
PrinterOn has performed a review of the recent security vulnerabilities including Shellshock, Ghost (CVE-2015-0235) and Freak (CVE-2015-0204).
PrinterOn managed services are not exposed any risk to these vulnerabilities.
PrinterOn regularly reviews and applies critical security updates to ensure that services are up to date and protected.
For PrinterOn’s managed services, PrinterOn has also designed the architecture using modern methodologies to ensure the least exposure and servers are protected not only by software but though firewalls and other security hardware.
In regards to PrinterOn’s On-Premise solution, the Ghost and Freak vulnerabilities do not apply as they are specifically Linux related.
Shellshock is not a risk with the default installation and deployment configuration.
Shellshock only applies if APR is manually enabled after installation in Tomcat and the IT staff have not applied the needed updates to Tomcat.
PrinterOn regularly updates all components to ensure that they include the necessary improvements, future versions will be updates as a regular process to include all community fixes.
NOTE:
Applies to PrinterOn Enterprise 3.0 and older, resolved in PrinterOn Enterprise 4.x and later.