Palo Alto Networks PAN-OS <= 5.0.15 / 6.0.x <= 6.0.8 / 6.1.x <= 6.1.2 GNU C Library (glibc) Buffer Overflow (GHOST)

High Nessus Plugin ID 81167

Synopsis

The remote host is affected by a buffer overflow vulnerability.

Description

The remote host is running a version of Palo Alto Networks PAN-OS equal to or prior to 5.0.15 / 6.0.8 / 6.1.2. It is, therefore, affected by a heap-based buffer overflow in the GNU C Library (glibc) due to improperly validating user-supplied input in the glibc functions __nss_hostname_digits_dots(), gethostbyname(), and gethostbyname2(). This allows a remote attacker to cause a buffer overflow, resulting in a denial of service condition or the execution of arbitrary code.

Solution

The vendor has not yet provided a patch at this time (2015/03/10).

Please contact the vendor regarding a patch or workaround.

See Also

https://securityadvisories.paloaltonetworks.com/Home/Detail/29

http://www.nessus.org/u?c7a6ddbd

Plugin Details

Severity: High

ID: 81167

File Name: palo_alto_PAN-SA-2015-0002.nasl

Version: 1.16

Type: combined

Published: 2015/02/04

Modified: 2018/07/24

Dependencies: 72816

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.6

Temporal Score: 6.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:paloaltonetworks:pan-os

Required KB Items: Host/Palo_Alto/Firewall/Version, Host/Palo_Alto/Firewall/Full_Version

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2015/01/12

Exploitable With

Core Impact

Metasploit (Exim GHOST (glibc gethostbyname) Buffer Overflow)

Reference Information

CVE: CVE-2015-0235

BID: 72325

CERT: 967332