目錄表
CVE-2015-0235 GHOST: glibc gethostbyname buffer overflow
CVE-2015-0235, is a Linux based vulnerability that was recently discovered. Imperva is treating this vulnerability with utmost importance.
Further Reading
About Networking Vendors
- Many vendors talk about this issue.
| Vendor | Vulnerable | Announcement | Announce Date |
|---|---|---|---|
| A10 | Yes | A10 Security Advisories | 2015-01-28 |
| Arbor Networks | Yes | Internal Field(login required) | 2015-01-29 |
| Arista Networks | Yes | AristaSecurity Advisory | 2015-01-28 |
| Aruba Networks | Not responded | Aruba Security Advisory | - |
| Avaya | Yes | Avaya Security Advisories | 2015-01-28 |
| BlueCoat | Yes | BlueCoat Security Advisories | 2015-01-28 |
| Brocade | Not Accessible | Brocade Security Advisory | 2015-01-29 |
| Cellopoint | Not responded | Cellopoint News | - |
| CheckPoint | Yes | CheckPoint | 2015-01-27 |
| Cisco | Ye | Cisco | 2015-01-28 |
| Dlink | Not responded | ||
| Enterasys (Part of Extreme) | Yes | Extreme Security Materials | 2015-01-29 |
| Extreme Networks | Yes | Extreme Security Materials | 2015-01-29 |
| F5 | Yes | F5 Security Advisory | 2015-01-27 |
| FireEye | Investigating… | FireEye Statement | 2015-01-27 |
| Fortinet | Yes | FortiGuard | 2015-01-28 |
| iMPERVA | Yes | iMPERVA Security Advisory | 2015-01-29 |
| Juniper | Investigating, so far no | Juniper KB | 2015-01-28 |
| McAfee | Yes | McAfee Security Bulletin | 2015-01-27 |
| NetAxle | Not responded | NetAxle | – |
| Palo Alto | Not responded | Palo Alto | - |
| Radware | Not responded | Support | - |
| Ruckus Wireless | Not responded | Ruckus Security | – |
| Silver Peak | Not responded | Silver Peak Security Advisory | - |
| Sophers | Not responded | Sophers Support | - |
| Sourcefire (Part of Cisco) | Check Cisco | - | |
| Splunk | Yes | Splunk Answers | 2015-01-28 |
| TippingPoint | Yes | PDF at TMC | 2015-01-30 |
| VMware | Investigating… | VMware KB | 2015-01-29 |
| Websense | Yes | Websense | 2015-01-28 |
Best Practices
- Update to latest glibc.