Follow

About the GHOST Vulnerability and Zenoss UCS-PM / Resource Manager

Applies To

  • Zenoss Resource Manager 5.0.x
  • Zenoss Resource Manager 4.2.x
  • Zenoss UCS-PM 1.0/1.1

Summary

The GHOST vulnerability (https://access.redhat.com/articles/1332213) enables remote attackers to take control of a system by exploiting a buffer overflow bug in glibc's GetHOST functions. It exploits gethostbyname() and gethostbyname2() calls and results in the ability to execute arbitrary code. This vulnerability affects all versions of glibc 2.17 and lower.

Neither Zenoss Resource Manager (vers 4.2.4 & 5.0.0) nor Zenoss UCS-PM are affected by this issue because they employ an updated version version of glibc, see https://www.digitalocean.com/community/tutorials/how-to-protect-your-linux-server-against-the-ghost-vulnerability for additional information.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk