Panzura Security Advisory PZOS-2015-001

Issue Date: 01/29/2015
Updated Date: 01/29/2015
Title: GHOST: glibc gethostbyname buffer overflow
Classification: Medium
Status: Closed
Affected Products: None

Summary

Qualys security researchers discovered a buffer overflow condition that could lead to unauthorized control of a system by a remote attacker. The buffer overflow bug does not exist in any version of PZOS.

Details

Qualys security researchers discovered a buffer overflow condition in glibc’s __nss_hostname_digits_dots() function. An attacker can cause an overflow and force the machine to execute unauthorized code. The code can then give the attacker complete control of the system. More details can be found at https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerabilityand https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt

Resolution

Panzura software is not at risk from this vulnerability.

Back to Advisories List