DX Application Performance Management


New KB on Shellshock Security Vulnerability & TIM

  • 1.  New KB on Shellshock Security Vulnerability & TIM

    Posted 09-29-2014 01:45 PM

    This is released with the approval of Product Management

    https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search&searchID=TEC618037

    Knowledge Base Article

    Components: CUSTOMER EXPERIENCE MANAGER: 9.0, 9.1, 9.5, 9.6

    Last Date: 09/29/2014

    Document ID: TEC618037

    Tech Document

    Title: Bash Code Injection aka "Shellshock" and CEM TIM and TIMSoft

    Versions affected:

    Standalone CEM TIM (9.6 and higher) and TIMSoft (Other 9.x versions)

    Description:

    The CEM Transaction Impact Monitor (TIM) is a passive network probe that collects
    business transaction information on HTTP/HTTPS traffic through a network span
    or tap. The CEM TIM is a C++ based application that runs on specific versions
    of the Linux operating system and does not use the Bash shell for any of its
    operational functions; however, prior to version 9.6, the TIM installation
    script does use the bash shell.

    It has been recently disclosed by industry experts that most versions of Unix,
    Linux, OSX and other variants are susceptible to a security issue that allows
    the execution of bash code injection. This is being referred to in the media as
    "Shellshock".

    Solution:

    CA takes these issues seriously and will be adding this patch to the latest 9.5.x
    TIMSoft software updates in the future as part of our regular release schedule.

    Customers on the "software only" distribution (9.6+) of the TIM should
    investigate updating their operating systems with the latest security patches
    from RedHat/CentOS.

    For customers on the TIMSoft, a RedHat software appliance, who cannot wait for the
    update of the distribution, we recommend that you investigate RedHat issue
    CVE-2014-6271. This contains the information on where to obtain the patch and
    how to install it.

    Note: Since at this time we have not certified that the patch does not affect the TIM
    installer pre 9.6, you should not patch the OS till the TIM software is
    installed on the TIMSoft image.

    Each TIMSoft image may have a different RedHat OS level depending on the exact
    revision of TIM software versions 9.1 or 9.5. If you need to determine the OS
    version specifics to download the patch from RedHat, you may use the following
    command in an SSH or console session:

    ~# lsb_release -a
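
To gather what the step above asks for, here is an added example (not part of the original post or of CA's KB article): a shell script that reports the distribution, release, architecture and installed bash package, falling back to /etc/redhat-release when lsb_release is not installed. The function names and sample strings are constructed for illustration.

```shell
#!/bin/sh
# Added example: report the OS level needed to pick the matching RedHat/CentOS
# bash update. Function names and sample strings are constructed for illustration.

# Parse `lsb_release -a` output on stdin -> "<Distributor ID> <Release>".
parse_lsb() {
    lsb_in=$(cat)
    lsb_id=$(printf '%s\n' "$lsb_in" | sed -n 's/^Distributor ID:[[:space:]]*//p')
    lsb_rel=$(printf '%s\n' "$lsb_in" | sed -n 's/^Release:[[:space:]]*//p')
    [ -n "$lsb_id" ] && [ -n "$lsb_rel" ] || return 1
    printf '%s %s\n' "$lsb_id" "$lsb_rel"
}

# Fallback for images without lsb_release: parse the /etc/redhat-release line.
parse_redhat_release() {
    rr_out=$(sed -n 's/^\(.*\) release \([0-9][0-9.]*\).*$/\1 \2/p' | head -n 1)
    [ -n "$rr_out" ] || return 1
    printf '%s\n' "$rr_out"
}

# Prefer lsb_release; fall back to the release file when it is absent or unusable.
os_level() {
    if command -v lsb_release >/dev/null 2>&1; then
        lsb_release -a 2>/dev/null | parse_lsb && return 0
    fi
    [ -r /etc/redhat-release ] && parse_redhat_release < /etc/redhat-release
}

# Print the details needed to choose the right package from the vendor.
report() {
    echo "OS level:     $(os_level || echo unknown)"
    echo "Architecture: $(uname -m)"
    if command -v rpm >/dev/null 2>&1; then
        echo "bash package: $(rpm -q bash 2>&1)"
    fi
}

# Constructed samples (not captured from a TIMSoft image).
SAMPLE_LSB=$(printf 'Distributor ID:\tRedHatEnterpriseServer\nDescription:\tRed Hat Enterprise Linux Server release 5.8 (Tikanga)\nRelease:\t5.8\nCodename:\tTikanga\n')
SAMPLE_RR='CentOS release 6.5 (Final)'

report
```

Running `rpm -q bash` again after the OS update shows whether the installed bash package actually changed.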

  • 2.  Re: New KB on Shellshock Security Vulnerability & TIM

    Posted 09-29-2014 01:53 PM

    An advisory with more information will be released by Product Management.