GNU C Library (glibc) GetHOST "GHOST" Vulnerability
ScaleArc is aware of the security vulnerability in the GNU C Library (glibc) identified on January 27th, 2015. It has been determined that ScaleArc’s software appliance was not affected. However, the base operating system (OS) that ScaleArc utilizes is vulnerable and, like most Linux-based systems, needs to be patched. Please keep reading for additional information as well as detailed steps to check for the vulnerability and apply the update to your systems.
(From RedHat Security BLOG)
Red Hat Product Security has been made aware of a critical vulnerability in the glibc library, which has been assigned CVE-2015-0235 and is commonly referred to as 'GHOST'. All versions of glibc shipped with all variants of Red Hat Enterprise Linux are affected. GHOST is a 'buffer overflow' bug affecting the gethostbyname2() function calls in the glibc library. This vulnerability allows a remote attacker that is able to make an application call to either of these functions to execute arbitrary code with the permissions of the user running the application. The gethostbyname() function calls are used for DNS resolving, which is a very common event. To exploit this vulnerability, an attacker must trigger a buffer overflow by supplying an invalid hostname argument to an application that performs a DNS resolution.
- NIST - National Vulnerability Database (CVE-2015-0235)
- RedHat CVE Database (CVE-2015-0235)
- US-CERT (notice)
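The Red Hat description above explains the defect as an overflow of the caller's buffer triggered by a hostname that gethostbyname() mis-sizes. One way to check a host for it, as an added example that is not part of the ScaleArc article or of Red Hat's text, is the canary technique used by the widely circulated GHOST test program: hand gethostbyname_r() a digits-only name sized so that an unpatched glibc writes sizeof(char *) bytes past the supplied buffer into an adjacent canary, while a fixed glibc rejects the call with ERANGE and leaves the canary intact. The size arithmetic (a 16-byte address, two address pointers, one alias pointer) is an assumption taken from glibc's hostname parsing code and applies to glibc only.

```c
/* Added example, not ScaleArc's or Red Hat's code: canary check for the
 * gethostbyname() overflow. Sizes assumed from glibc's digits_dots.c. */
#define _GNU_SOURCE
#include <errno.h>
#include <netdb.h>
#include <stdio.h>
#include <string.h>

#define CANARY "in_the_coal_mine"

/* The canary sits directly after the buffer handed to gethostbyname_r(). */
static struct {
    char buffer[1024];
    char canary[sizeof(CANARY)];
} probe = { "buffer", CANARY };

/* Returns 1 if libc wrote past the buffer (vulnerable), 0 otherwise.
 * *retval_out (may be NULL) gets the gethostbyname_r() return code; a fixed
 * glibc reports ERANGE because it now counts the alias pointer it omitted. */
int ghost_canary_clobbered(int *retval_out)
{
    struct hostent resbuf, *result;
    int herrno, rv;
    char name[sizeof(probe.buffer)];
    /* Vulnerable glibc computed need = 16-byte address + 2 address pointers
     * + strlen(name) + 1, forgetting the alias pointer. A name of exactly that
     * length passes the flawed check, then overflows by sizeof(char *) bytes
     * straight into probe.canary. */
    size_t len = sizeof(probe.buffer) - 16 - 2 * sizeof(char *) - 1;
    memset(name, '0', len);          /* digits only: takes the numeric path */
    name[len] = '\0';
    memcpy(probe.canary, CANARY, sizeof(CANARY));      /* reset between runs */
    rv = gethostbyname_r(name, &resbuf, probe.buffer, sizeof(probe.buffer),
                         &result, &herrno);
    if (retval_out)
        *retval_out = rv;
    return memcmp(probe.canary, CANARY, sizeof(CANARY)) != 0;
}

int main(void)
{
    int rv;
    if (ghost_canary_clobbered(&rv))
        puts("vulnerable: glibc wrote past the supplied buffer");
    else if (rv == ERANGE)
        puts("not vulnerable: glibc rejected the oversized name with ERANGE");
    else
        printf("inconclusive: canary intact, gethostbyname_r returned %d\n", rv);
    return 0;
}
```

Because distributions backport the fix, this runtime check is more reliable than comparing glibc version strings; run it as an unprivileged user on each host after patching and confirm the "not vulnerable" result.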
Impact on your ScaleArc Deployment
DO NOT perform an update of the entire system.
At this time, the ScaleArc Security Response Team (SSRT) is not aware of any breaches of either our internal systems or any of our customers utilizing our software appliances. We will update this document once we have additional information. Future build versions of the ScaleArc software will be deployed with this update already in place.
If you have any questions specific to ScaleArc appliances, images, or other deployments, please contact ScaleArc Support directly using our Support Portal: https://support.scalearc.com
This article is also available here: http://support.scalearc.com/kb/articles/700-openssl-srtp-memory-leak-and-poodle-vulnerability