OES2 SP2 shellshock bash vulnerability


I have two OES2 SP2 servers that run on SLES 10.3 that we use as file servers only
I am trying to fix bash or find a work around so they are not vulnerable to the shellshock vulnerability.
There is no patch for OES2 SP2 and I am unable to do online updates anyway. It is broken and never has worked very well.
Is there a way I can update bash without using the online update service?

We are planning to use these servers for only a few more months before we move to MS servers.

Is it possible to me to disable tomcat and apache to prevent any exploits? Would it still work as a file server. I can use imanager on another server in the tree for user management.

I'm just trying to get through the next few months without breaking our servers and without being vulnerable.

Parents Reply Children