GHOST is a 'buffer overflow' bug affecting the gethostbyname()
and gethostbyname2()
function calls in the glibc library. This vulnerability allows a remote attacker that is able to make an application call to either of these functions to execute arbitrary code with the permissions of the user running the application.
The mitigation patch for the vulnerability was included between patch glibc-2.17 and 2.18, (May, 2013), the vRanger 7.X software family first release (7.0) was GA on 4/10/2014 this means that for any VA versions 7.0.6, 7.1.1, and 7.1.4 the patch is included within the VA kernel (3.10.X).
Recommend upgrading to version 7.3 vRanger and upgrade the VA in order to address the vulnerability.
vRanger 6 VA's have glibc-2.11 which is vulnerable.
The physical Restore ISO has glibc 2.11 for both versions of vRanger 6 through 7.2.1 are vulnerable.
To verify the glibc version on your VA, login to the VA as Root and run ldd --version (two dashes before version)
© ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center