Xerox Security Bulletin XRX14-008 V1.0 (PDF 1M)

Xerox Security Bulletin XRX14-008
Bash Shellshock Command Line Interpreter Vulnerability

A vulnerability has been discovered in the Bash command shell that can allow attackers to remotely execute commands on a target system. Even systems that don’t allow remote command shell connections may still use Bash to execute commands in the Apache web server and other network-facing applications. Unix and Unix-derived systems like Linux and Mac OS X are vulnerable to these attacks since they use Bash as the default command shell.

A Bash Shellshock document addressing this vulnerability has been posted to the Xerox Security Site.

NOTE: Review the bulletin for a more complete list of devices.