Applies To
- Zenoss Resource Manager 5.0.x
- Zenoss Resource Manager 4.2.x
- Zenoss UCS-PM 1.0/1.1
Summary
The GHOST vulnerability (https://access.redhat.com/articles/1332213) enables remote attackers to take control of a system by exploiting a buffer overflow bug in glibc's GetHOST functions. It exploits gethostbyname() and gethostbyname2() calls and results in the ability to execute arbitrary code. This vulnerability affects all versions of glibc 2.17 and lower.
Neither Zenoss Resource Manager (vers 4.2.4 & 5.0.0) nor Zenoss UCS-PM are affected by this issue because they employ an updated version version of glibc, see https://www.digitalocean.com/community/tutorials/how-to-protect-your-linux-server-against-the-ghost-vulnerability for additional information.
Comments