View Single Post
Old 01-28-2015, 09:03 AM
jmunfo jmunfo is offline
Join Date: Jan 2015
Posts: 2
jmunfo has 11 reputation points
Default CVE-2015-0235 GHOST vulnerability

Is anyone aware of the impact that CVE-2015-0235 GHOST vulnerability has on Avaya CM products?

As you may have already heard, a high severity vulnerability affecting Linux GNU C Library (glibc) was announced this morning. The vulnerability known as GHOST (CVE-2015-0235) affects many systems built on Linux starting with glibc-2.2 as well as Debian 7 (wheezy), Red Hat Enterprise Linux 6 & 7, CentOS 6 & 7 and Ubuntu 12.04, and allows attackers to remotely take control of an entire system without having any prior knowledge of system credentials.

We are recommending all Qualys customers take immediate action by scanning with the Qualys Vulnerability Management (VM) cloud solution as QID 123191. You can get reports detailing enterprise-wide exposure during your next scanning cycle to get visibility into the impact within your organization and efficiently track the remediation progress of this serious vulnerability. If you think you may be affected, patches are available from all of the Linux vendors starting today.

For more information on GHOST, follow the conversation on our Laws of Vulnerabilities blog.

Reply With Quote