This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
NetWitness Knowledge Base Archive
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- NetWitness Community
- NetWitness Knowledge Base Archive
- GNU C Library Buffer Overflow aka "GHOST" Vulnerability (CVE-2015-0235) in RSA products
-
Options
- Subscribe to RSS Feed
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
GNU C Library Buffer Overflow aka "GHOST" Vulnerability (CVE-2015-0235) in RSA products
Article Number
000029506
Applies To
All RSA products
Issue
On January 27, 2015, a vulnerability was publicly announced in the Linux glibc library. The researchers at Qualys discovered a heap-based buffer overflow (also known as "GHOST" vulnerability) in glibc's __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() glibc function calls. A remote attacker able to make an application call either of these functions could potentially use this flaw to execute arbitrary code with the permissions of the user running the application.
This vulnerability has been assigned the Common Vulnerabilities and Exposures (CVE) ID CVE-2015-0235. The details for this vulnerability can be found using the link to Qualys Advisory:
https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt
This vulnerability has been assigned the Common Vulnerabilities and Exposures (CVE) ID CVE-2015-0235. The details for this vulnerability can be found using the link to Qualys Advisory:
https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt
Resolution
RSA is aware of and investigating this issue to identify the product impact. The level of impact may vary depending on the affected product. The following table contains the latest available impact information. This table will be updated as additional information becomes available.
| RSA Product Name | Versions | Impacted? | Details | Last Updated |
|---|---|---|---|---|
| 3D Secure / Adaptive Authentication eCommerce | ALL Supported | Impacted - Remediated | 3/2/2015 | |
| Access Manager | ALL Supported | Not impacted | Access Manager ships as software only and does not ship with Linux OS. Follow OS vendor guidelines to patch underlying host | 1/29/2015 |
| Adaptive Authentication Hosted | ALL Supported | Impacted - Remediated | 3/2/2015 | |
| Adaptive Authentication On Prem | ALL Supported | Not Impacted | AAoP is software only and does not ship with Linux OS. Follow OS vendor guidelines to patch underlying host | 2/10/2015 |
| Archer Hosted | N/A | Investigating | ||
| Archer Platform | ALL Supported | Not impacted | Archer (Platform) ships as software only and does not support Linux OS | 2/10/2015 |
| Archer SecOps | ALL Supported | Not impacted | 1/28/2015 | |
| Archer Vulnerability & Risk Manager (VRM) | ALL Supported | Impacted | VRM is impacted only via Security Analytics Warehouse (SAW), please refer to SAW assessment and remediation | 2/27/2015 |
| Authentication Manager Software Platform | 6.1 | Not impacted | 1/28/2015 | |
| Authentication Manager Software Platform | 7.1 | Not impacted | 1/28/2015 | |
| Authentication Manager Appliance | 3.0.4 | Impacted | The product contains the vulnerable version of glibc, but, based on RSA’s analysis, it is not believed to be exploitable. For details, refer to KB article 000029576 | 2/18/2015 |
| Authentication Manager Appliance | 8.1.1 (and earlier) | Impacted | The product contains the vulnerable version of glibc, but, based on RSA’s analysis, it is not believed to be exploitable. For details, refer to KB article 000029576 | 2/18/2015 |
| Authentication Manager Express | 1.0 | Impacted | The product contains the vulnerable version of glibc, but, based on RSA’s analysis, it is not believed to be exploitable. For details, refer to KB article 000029576 | 2/18/2015 |
| BSAFE | ALL Supported | Not impacted | BSAFE ships as toolkit only and does not ship with Linux OS. Follow OS vendor guidelines to patch underlying host | 1/29/2015 |
| Data Loss Protection | 9.5.x & 9.6.x | Impacted | This issue has been resolved with patches for DLP 9.5.x and 9.6.x | 3/25/2015 |
| Data Protection Manager | 3.2.x & 3.5.x | Impacted | This issue has been resolved with patches 3.2.4.4.1 and 3.5.2.3 | 3/17/2015 |
| Digital Certificate Solution | ALL Supported | Not impacted | DCS ships as software only and does not ship with Linux OS. Follow OS vendor guidelines to patch underlying host | 1/29/2015 |
| ECAT | ALL Supported | Not impacted | 1/29/2015 | |
| enVision | ALL Supported | Not impacted | 1/29/2015 | |
| Federated Identity Manager | ALL Supported | Not impacted | FIM ships as software only and does not ship with Linux OS. Follow OS vendor guidelines to patch underlying host | 1/29/2015 |
| FraudAction | ALL Supported | Investigating | ||
| IMG (Aveksa) MyAccess Live | ALL Supported | Impacted - Remediated | 2/27/2015 | |
| IMG (Aveksa) On-Prem Platform | ALL Supported | Impacted | This issue will be resolved with patches 6.9.0 P03 (tentative target date early Mar) and 6.8.1 P13 (tentative target date late Mar) | 2/27/2015 |
| IMG (Aveksa) Appliance | ALL Supported | Impacted - Remediated | Updated the patch appliance updater for download | 1/30/2015 |
| IMG (Aveksa) StealthAudit | ALL Supported | Not impacted | 1/30/2015 | |
| Netwitness | 9.6.x, 9.7.x, 9.8.x | Impacted - Remediated | This issue has been resolved with Q4 2014 Security Patch | 2/23/2015 |
| Netwitness Informer | 1.x | Not impacted | 1/29/2015 | |
| RSA Central | ALL Supported | Impacted | Remediation plan in progress | 1/29/2015 |
| RSA Live Infrastructure | ALL Supported |
Impacted - Remediated | 1/29/2015 | |
| SecurID Agent for PAM | ALL Supported | Not impacted | 1/28/2015 | |
| SecurID Agent for Web | ALL Supported | Not impacted | 1/28/2015 | |
| SecurID Agent for Windows | ALL Supported | Not impacted | 1/28/2015 | |
| SecurID Authentication Engine | ALL Supported | Not impacted | 1/29/2015 | |
| SecurID Authentication SDK | ALL Supported | Not impacted | 1/28/2015 | |
| SecurID Software Token Converter | ALL Supported | Not impacted | 1/28/2015 | |
| SecurID Software Token for Android | ALL Supported | Not impacted | 1/29/2015 | |
| SecurID Software Token for Blackberry | ALL Supported | Not impacted | 1/29/2015 | |
| SecurID Software Token for Desktop | ALL Supported | Not impacted | 1/28/2015 | |
| SecurID Software Token for iPhone | ALL Supported | Not impacted | 1/29/2015 | |
| SecurID Software Token for Windows Mobile | ALL Supported | Not impacted | 1/29/2015 | |
| SecurID Software Token Toolbar | ALL Supported | Not impacted | 1/28/2015 | |
| SecurID Software Token Web SDK | ALL Supported | Not impacted | 1/28/2015 | |
| SecurID Transaction Signing SDK | ALL Supported | Not impacted | 1/28/2015 | |
| Security Analytics Platform Physical and Virtual Appliances | 10.0.x-10.4.x | Impacted - Remediated | This issue has been resolved with Q4 2014 Security Patch | 2/23/2015 |
| Security Analytics Malware Analytics | 10.0.x-10.4.x | Impacted - Remediated | This issue has been resolved with Q4 2014 Security Patch | 2/23/2015 |
| Security Analytics Malware Cloud | N/A |
Impacted - Remediated | 1/29/2015 | |
| Security Analytics (Windows Legacy Collector) | 10.0.x-10.4.x | Not impacted | ||
| Security Analytics Warehouse (DCA Pivotal) | Impacted | Please follow guidance from Pivotal | 1/29/2015 | |
| Security Analytics Warehouse (MapR) | Impacted - Remediated | This issue has been resolved with Q4 2014 Security Patch | 2/23/2015 | |
| Spectrum | 1.x | Impacted - Remediated | This issue has been resolved with Q4 2014 Security Patch | 2/23/2015 |
| Web Threat Detection (Silvertail) | ALL Supported | Not Impacted | WTD is a software application and does not ship with Linux OS. Follow OS vendor guidelines to patch underlying host | 2/10/2015 |
Notes
Disclaimer
Read and use the information in this RSA Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact RSA Software Technical Support at 1- 800 995 5095. RSA Security LLC distributes RSA Security Advisories, in order to bring to the attention of users of the affected RSA products, important security information. RSA recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided 'as is' without warranty of any kind. RSA disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall RSA or its suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if RSA or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply.
Read and use the information in this RSA Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact RSA Software Technical Support at 1- 800 995 5095. RSA Security LLC distributes RSA Security Advisories, in order to bring to the attention of users of the affected RSA products, important security information. RSA recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided 'as is' without warranty of any kind. RSA disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall RSA or its suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if RSA or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply.
No ratings
