MATLAB Answers

George
0

What is MathWorks’ response to the Shellshock vulnerability?

Asked by George
on 14 Oct 2014
Latest activity Answered by Stefan David on 9 Nov 2017
The Shellshock security vulnerability was disclosed on September 24, 2014. How does the Shellshock software bug affect MathWorks products?

  0 Comments

Sign in to comment.

2 Answers

Answer by George
on 14 Oct 2014
Edited by George
on 17 Nov 2014
 Accepted Answer

MathWorks products such as MATLAB, Simulink, and Toolboxes do not contain the Bash shell and are not affected by the Shellshock vulnerability.
The Raspberry Pi v14.2 hardware support package contained a vulnerable version of the Bash shell and was fixed on October 1, 2014.
The Beagle Board hardware support package contained a vulnerable version of the Bash shell and was fixed on November 17, 2014.
Support packages for PandaBoard (v14.2) and Gumstix (v14.2) contain vulnerable versions of the Bash shell. The default configuration of these support packages does not expose this vulnerability to a network connection. We recommend running these devices inside of a trusted network or behind a firewall. We will update these packages as updated software is available.

  0 Comments

Sign in to comment.


Answer by Stefan David on 9 Nov 2017

Hi, I just found the question about heartbleed here and thought it may be good to connect it to the referenced article below, as MathWorks has tools that can detect issues such as Heartbleed and help to harden applications against security vulnerabilities:
https://blogs.mathworks.com/simulink/2014/04/10/how-polyspace-could-have-detected-the-vulnerability-in-apples-ios/

  0 Comments

Sign in to comment.