CVE-2015-0235 on Oracle Database Appliances

Similar Messages

• Glibc GHOST vulnerability # CVE-2015-0235.

  Please suggest patch for glibc GHOST vulnerability # CVE-2015-0235 in Oracle Linux server.Please find below details:-
  ./ghost
  Linux JBLDCVSNPRE01 2.6.39-400.214.6.el6uek.x86_64 #1 SMP Thu May 8 03:38:30 PDT 2014 x86_64 x86_64 x86_64 GNU/Linux
  Red Hat Enterprise Linux Server release 6.5 (Santiago)
  Installed glibc version(s)
  - glibc-2.12-1.132.el6_5.1.x86_64: vulnerable

  Hi,
  Please refer this links,
  Linux GHOST vulnerability (CVE-2015-0235) is not as scary as it looks | Symantec Connect
  https://rhn.redhat.com/errata/RHSA-2015-0090.html
  Regards,
  S27

• Re: glibc GHOST vulnerability # CVE-2015-0235.

  Hi,
  I tried hijacking someone else's forum thread for my own issue, but a kind forum moderator branched it away to (hopefully) stand on its own merits instead of ripping attention away from that original discussion.
  We have an Oracle Appliance ( OVCA ), I am trying to find patch policy of Oracle for the OVCA and OVM environments.
  I read Doc 1965975.1 on MOS but this is explicit for Exalogic.
  So I am not sure if I should install this patch on this appliances.
  Is anyone familiar with Oracle's patch policy regarding OVCA/OVM.
  Thanks in advance,
  Regards,
  Eelke.

  Oracle VM 2.2,  3.2 and 3.3 have all been patched for GHOST: linux.oracle.com | CVE-2015-0235.
  I will look into why 3.3 is listed, but I've checked the repository and the updated glibc RPMs are available. However, I'm not sure what OVCA's patching policy is, so you'd need to open an SR for that.

• CSCus68798 - ISE is vulnerable to CVE-2015-0235 Linux Ghost remote code execution

  First time trying to follow a specific CVE in Real-Time...
  I see this CVE-2015-0235 GHOST hack is applicable to ISE and Prime Infrastructure... but I haven't seen any patch status update since yesterday.
  CSA says "Obtaining Fixed Software
  Cisco has released free software updates that address the vulnerability described in this advisory."
  Yet, when I check the (2) products' download pages, the newest software I see is from Jan 23 and Jan 6, respectively. The exploit was published on Jan 27. So, where are the patches?

  The team that found the exploit, Qualys Security Advisory, documented that "the most stable and long-term-support distributions were left exposed (and still are): Debian 7 (wheezy), Red Hat Enterprise Linux 6 & 7, CentOS 6 & 7, Ubuntu 12.04, for example."  See the link below for the full report:
  https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt
  I'm assuming this is affecting all versions of UC appliances running these OS's (and possibly more that aren't used in the example?).  Anyone know how to determine what products are vulnerable to this?

• CVE-2015-0235

  Hi guys,
  Does anybody know if Solaris SUNWGlib is vulnerable to GHOST (CVE-2015-0235) ? Or it's just the Linux version of glibc?
  Thank you!

  The official statement from Oracle with regard to GHOST at this time is:
  Oracle’s security and development teams are aware of the recently disclosed vulnerability, CVE-2015-0235; or ‘Ghost’.
  Oracle has provided information about this issue for Linux.
  The URL for the information published is http://linux.oracle.com/cve/CVE-2015-0235.html.
  Please note that Solaris does not ship glibc.  Other products like Solaris Cluster, Oracle Key Manager and
  ZFSSA that have Solaris as the base or embedded operating system do not contain glibc either.
  Regards,
  Alan Hargreaves

• GHOST Security Vulnerability - CVE 2015-0235

  Dear All,
  I have 2 units of Xserve running on Maverick OS 10.9.5
  Is the Maverick OS 10.9.5 vulnerable to GHOST CVE 2015-0235 threat?
  If yes where can I download the patches?
  Please advise
  Thanks
  Izzychunwei

  No known threat to Macs at present, but will have to wait for confirmation from Apple.
  Have a read here https://jamfnation.jamfsoftware.com/discussion.html?id=13156
  Cheers
  Pete

• Oracle Database Appliance unscheduled reboot

  Our Oracle database appliance (Oracle linux server 5.9) did an unscheduled reboot last night. I've
  checked the various logs in the /var/log folder but cannot determine the cause of the reboot.
  I'd appreciate any guidance that someone can offer in determining the cause for this reboot.
  Thanks,
  steve

  A system restart can happen because:
  a) root or sudo user initiated a system restart.
  b) there was a kernel panic and the system clock stopped responding (BIOS configuration)
  c) there was a power outage or problem (BIOS configuration)
  d) the system overheated or there was a hardware issue
  /var/log/messages should indicate the time between the shutdown and when the restart happened. Sometimes this can give you some clues. Otherwise you may want to check the following:
  http://www.oracle.com/technetwork/articles/servers-storage-admin/fault-management-linux-2005816.html
  If a system resets due to external cause or root, it is usually not logged. Is the system connected to UPS power? Since you did not specify your hardware, no information can be given about other possible tools. Depending on your server you may check the iLO or iLOM event log.

• Is AsyncOS vulnerable to New Critical GLibc Vulnerability CVE-2015-0235 (aka Ghost)

  Raising for awareness in the community.
  New Critical GLibc Vulnerability CVE-2015-0235 (aka GHOST)
  https://isc.sans.edu/diary/New+Critical+GLibc+Vulnerability+CVE-2015-0235+%28aka+GHOST%29/19237
  Raised a support case and current update is Cicso is investigating if AsynOS is vulnerable
  Paul

  Currently it is being reviewed and looked into:
  http://tools.cisco.com/security/center/viewAlert.x?alertId=37181
  Please refer to the following information, as provided from our Product Security Incident Response Team (PSIRT):
  Complete information about reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco is available on Cisco.com at:
  http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html 
  This web page includes instructions for press inquiries regarding Cisco Security Advisories. All Cisco Security Advisories are available at:
  http://www.cisco.com/go/psirt

• CSCus68892 - N7K assess GHOST vulnerability in glibc and40;CVE-2015-0235)

  The affected releases listed for this advisory state "Known Affected Releases: (4) 4.2(8), 5.2(9), 6.1(5), 6.2(10)"
  Our 7Ks are running 6.1(2), does this mean that any code in the 6.1(x) release below 6.1(5) is affected? Or is it just 6.1(5) specifically and none other running 6.1(x)?
  Thanks,
  Jim

  Hi,
  Please refer this links,
  Linux GHOST vulnerability (CVE-2015-0235) is not as scary as it looks | Symantec Connect
  https://rhn.redhat.com/errata/RHSA-2015-0090.html
  Regards,
  S27

• CSCus68892 - N7K assess GHOST vulnerability in glibc and40;CVE-2015-0235) - 1

  Wouldn't it be a workaround to disable name resolution by configuring:
  no ip domain-lookup

  Hi,
  Please refer this links,
  Linux GHOST vulnerability (CVE-2015-0235) is not as scary as it looks | Symantec Connect
  https://rhn.redhat.com/errata/RHSA-2015-0090.html
  Regards,
  S27

• Monitoring an Oracle Database Appliance w/Ops Center?

  Is anyone using Ops Center to monitor an Oracle Database Appliance?:
  http://www.oracle.com/us/products/database/database-appliance/overview/index.html
  I'm looking for a monitoring solution that won't require a lot of 'expect' gathering/parsing work.

  A stack trace for the exception would be very useful!
  Anyway, perhaps you should check that the username/password specified in the code correspond to those required to access the database (username = "Kotzwinkle", password = "whatever"). Sometimes you can get away with specifying these in the ODBC data source, in which case you shouldn't pass them to the getConnection method.
  Hope this helps.

• Looking for info on CVE-2015-0235

  Hello,
  I'm looking for information on CVE--2015-0235 or GNC C Library (glibc) Remote Code Execution Vulnerability.
  I would like to see if the affected program is on my servers and if so is Solaris 10 effected?
  Any help would be greatly appreciated.
  Thanks

  We don't ship glibc with Solaris

• OSB installation on Oracle Database Appliance (ODA) for filesystem backup

  There does not appear to be any special documentation for installing the OSB client on an ODA.  However, the following errors occur on all of our ODAs when attempting to install the OSB client:
  [root@oda000 backup]# pwd
  /usr/local/oracle/backup
  [root@oda000 backup]# which uncompress
  /usr/bin/uncompress
  [root@oda000 backup]# /opt/osb/osb-10.4.0.2.0_linux.x64_cdrom120606/setup
  Welcome to Oracle's setup program for Oracle Secure Backup. This
  program loads Oracle Secure Backup software from the CD-ROM to a
  filesystem directory of your choosing.
  This CD-ROM contains Oracle Secure Backup version 10.4.0.2.0_LINUX64.
  Please wait a moment while I learn about this host... done.
  1. linux86_64
  administrative server, media server, client
  Loading Oracle Secure Backup installation tools... done.
  Loading linux86_64 administrative server, media server, client...unzip: cannot find or open /usr/tmp/OB531, /usr/tmp/OB531.zip or /usr/tmp/OB531.ZIP.
  ERROR: can't uncompress /usr/tmp/OB531
  (made from /opt/osb/osb-10.4.0.2.0_linux.x64_cdrom120606/linux86_64/gserver.tz)
  This is probably due to the uncompress utility being unavailable.
  Make sure uncompress is available and then re-run setup.
  [root@oda000 backup]# which uncompress
  /usr/bin/uncompress
  [root@oda000 backup]# ls -lah /usr/bin/uncompress
  lrwxrwxrwx 1 root root 14 Feb 22 17:33 /usr/bin/uncompress -> /usr/bin/unzip
  Note that the symlink of uncompress to unzip is directly from the OSB installation documentation. None of those files exist in /usr/tmp, but there is a similarly named .Z file there.  However the file name changes, so it cannot just be renamed or manually uncompressed.  I also tried extracting from the mentioned "gserver.tz" file, to no avail.
  Please advise as to how to complete OSB client installation on an ODA.

  There is a white paper on using ODA and OSB:
  http://www.oracle.com/technetwork/server-storage/engineered-systems/database-appliance/documentation/protecting-oda-with-osb-1674207.pdf
  Donna

• Linux Ghost Vulnerability CVE-2015-0235

  Just heard about this, the bug is old (discovered around 2013 I believe) but was just released as a security advisory today or yesterday.
  This link shows you how to determine if your system is vulnerable, and how to patch the bug although it doesn't include how to patch on arch systems. I tested my system and it isn't vulnerable, so for the most part if you keep your system up to date it shouldn't be vulnerable either, but it doesn't hurt to check!
  http://www.cyberciti.biz/faq/cve-2015-0 … hel-linux/

  Trilby wrote:I was about to post in this in our grr thread.  Archlinux had the fixed glibc version over a year and a half ago.  Those who say the sky is falling really need to stop and actually look outside once in a while (not referring to this thread - but to my university's IT "professional" who sent out the dumbest email about this to the entire university acting like it was the end of the world).
  On Google+, there's a guy (who I won't name) going around promoting his article about this security vulnerability, which incidentally written in such a way that mother said "so, all Linux devices, including Android phones, are affected, right?". Same guy seems to write articles monthly about how Linux is dying on the Desktop Computer...
  On that note, I wonder whether we need to keep this thread open before it turns into a GRR-fest.

• CVE-2015-0235 update for Enterprise Linux 4?

  Just wondering if there is going to be an update for glibc made available via Index of /repo/EnterpriseLinux/EL4/latest/i386/
  The RHEL errata update is glibc-2.3.4-2.57.el4.2.i686.rpm, the latest in the Oracle repo is el4.1 from 2012.
  Cheers
  S.

  This has now been released: linux.oracle.com | ELSA-2015-0101 - glibc security update