CVE-2015-0235 - GHOST - Threat Management Center
hp.com/go/tippingpoint

January 30, 2015

To: HP TippingPoint Customers
Subject: CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow

Dear Valued Customer

With the recent disclosure and announcement of the GHOST buffer overflow vulnerability, HP TippingPoint has performed a technical review of our product lines to evaluate the potential exposure to this critical security issue.

Background Information

GHOST is a 'buffer overflow' vulnerability affecting the gethostbyname() and gethostbyname2() function calls in the Linux glibc library. This vulnerability allows a remote attacker to execute arbitrary code with the permissions of the user running the application.

Technical Review Results

IPS: The Intrusion Prevention System (IPS) does not use the vulnerable glibc library, and as such is not affected by the GHOST vulnerability. No further action is required.

SMS/NGFW: The Security Management System (SMS) and the Next Generation Firewall (NGFW) are using the vulnerable glibc. However both the SMS and NGFW are hardened systems that do not expose direct access to the vulnerable glibc library. The vulnerability is exposed indirectly to those users who have administrative access to the system. HP TippingPoint has not identified any mechanism that exploits the GHOST vulnerability even for those users that have administrative access. No further action is required if the administrative login remains secure.

HP TippingPoint will continue to investigate this vulnerability and will make additional notifications if any exploit mechanisms are discovered and remediation is available.

For questions or technical assistance on any HP TippingPoint product, please contact the HP TippingPoint Technical Assistance Center (TAC).

Thank you,
HP TippingPoint Support

Contact Information:
HP TippingPoint TAC
Toll Free: 866 681 8324 | International: +1 512 681 8324
Email: [email protected]

© 2014 Hewlett-Packard Development Company, L.P.