CMS - Ghost and Samba Security Update


Doc ID    SOLN282721
Version:    4.0
Status:    Published
Published date:    31 Mar 2020
Created Date:    26 Jan 2016
Author:    Michael Ross

Details

Need a solution for vulnerabilities reported on CMS 17 during security scans: Sev 5 CVE-2015-0235 and CVE-2015-0240, and the Sev 4 items listed below.

Problem Clarification

Customer wants information on how to patch the following vulnerabilities:
Sev 5: CVE-2015-0235, CVE-2015-0240
List of Sev 4:
CVE-2014-9419, CVE-2014-9420, CVE-2014-9585, CVE-2015-1805, CVE-2015-3331
CVE-2014-9679, CVE-2015-1158, CVE-2015-1159
CVE-2015-4620
CVE-2015-1802, CVE-2015-1803, CVE-2015-1804
CVE-2015-3245, CVE-2015-3246
CVE-2015-2590, CVE-2015-2601, CVE-2015-2621, CVE-2015-2625, CVE-2015-2628, CVE-2015-2632, CVE-2015-2808, CVE-2015-4000, CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4748, CVE-2015-4749, CVE-2015-4760
CVE-2015-6908
CVE-2015-4491
CVE-2015-0204

Cause

Security Reports

Solution

CVE-2015-0235 glibc vulnerability (“street name” of GHOST) RHSA-2015-0092

https://downloads.avaya.com/css/P8/documents/101006704

The risk is rated Medium for all listed products because the exploit would require local account access. Remote attack may not be possible, because either the DNS server is not running or the products sanitize the input and provide name resolution to trusted hosts only within the enterprise. Additionally, the known affected programs or utilities are not used or additional protection mechanisms are in place that may further mitigate the risk from this exploit.

samba security update (RHSA-2015-0251) CVE-2015-0240

https://downloads.avaya.com/css/P8/documents/101008652

There is no risk for CMS, Experience Portal (EP) and one-X Client Enablement Services (one-X CES) because the exploit requires the Samba server (smbd), which is not installed; only samba-client, samba-common, samba-winbind and/or samba-winbind-clients are installed.
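The applicability argument above (server package versus client-only packages) can be checked against a host's package list. This is an added example, not part of the original Avaya article. It assumes smbd ships in a package named `samba`, `samba3x` or `samba4`, and the package versions in the samples are constructed.

```shell
#!/bin/sh
# Added example: decide from `rpm -qa`-style input whether a Samba *server*
# package is installed, without being fooled by samba-client and friends.
# Assumption: smbd is shipped by one of the packages named below.
SERVER_PKGS="samba samba3x samba4"

# Strip "-version-release[.arch]" from an RPM package string, leaving the name.
rpm_name() {
    printf '%s\n' "$1" | sed -E 's/-[^-]+-[^-]+$//'
}

# Read package lines on stdin; print server packages found, return 0 if any.
samba_server_pkgs() {
    found=""
    while IFS= read -r pkg; do
        [ -n "$pkg" ] || continue
        name=$(rpm_name "$pkg")
        for s in $SERVER_PKGS; do
            if [ "$name" = "$s" ]; then found="$found $pkg"; fi
        done
    done
    [ -n "$found" ] || return 1
    printf '%s\n' $found
}

# One-line verdict for CVE-2015-0240 based on package presence only.
cve_2015_0240_exposure() {
    if hits=$(samba_server_pkgs); then
        echo "REVIEW: smbd package present: $hits"
    else
        echo "NOT-APPLICABLE: no smbd package installed"
    fi
}

# Constructed sample: the client-only package set the article describes.
client_only_host() {
    cat <<'EOF'
samba-client-1.2.3-4.el6.x86_64
samba-common-1.2.3-4.el6.x86_64
samba-winbind-1.2.3-4.el6.x86_64
samba-winbind-clients-1.2.3-4.el6.x86_64
EOF
}

# Constructed sample: the same host with the server package added.
server_host() { client_only_host; echo "samba-1.2.3-4.el6.x86_64"; }

client_only_host | cve_2015_0240_exposure
server_host | cve_2015_0240_exposure
```

On a live RPM-based system the same verdict comes from `rpm -qa | cve_2015_0240_exposure`. A plain `grep samba` over the package list would match the client packages and produce a false positive.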


Avaya -- Proprietary. Use pursuant to the terms of your signed agreement or Avaya policy