Bash shell vulnerability in LEM

I've been reading about this Bash shell vulnerability that could be exploited, so I ran the test on my LEM appliance and confirmed it is also affected by the bug. Will an update be released?

http://arstechnica.com/security/2014/09/bug-in-bash-shell-creates-big-security-hole-on-anything-with-nix-in-it/

  • FormerMember

    Hi Jamie,

    We are investigating the issue internally. Assuming, as you say, the LEM appliance is vulnerable, there are a few mitigating factors:

    1. LEM customers use a limited access shell to manage and maintain LEM, which does not use bash except when running external shell commands to make changes.
      1. This shell also does not allow customers to set or modify environment variables, so even when we do shell out commands, it shouldn't be possible to trigger the exploit.
    2. It is possible to limit SSH access to LEM (for the limited shell or support-only users that have true bash shells) via the "restrictssh" command.
    3. The last remaining vector for usage of the limited (or support) shell is the virtual appliance equivalent of physical access, which should be limited.

    When we've determined the scope and resolution, we'll determine when the update will be released as well. Stay tuned...

  • FormerMember

    In case you missed it: ShellShock Vulnerability and SolarWinds Products

    LEM does have a vulnerable bash version, but it is not possible to exploit. We'll update in an upcoming release regardless.