Palo Alto Networks PAN-OS <= 5.0.15 / 6.0.x <= 6.0.8 / 6.1.x <= 6.1.2 GNU C Library (glibc) Buffer Overflow (GHOST)

high Nessus Plugin ID 81167

Synopsis

The remote host is affected by a buffer overflow vulnerability.

Description

The remote host is running a version of Palo Alto Networks PAN-OS equal to or prior to 5.0.15 / 6.0.8 / 6.1.2. It is, therefore, affected by a heap-based buffer overflow in the GNU C Library (glibc) due to improperly validating user-supplied input in the glibc functions __nss_hostname_digits_dots(), gethostbyname(), and gethostbyname2(). This allows a remote attacker to cause a buffer overflow, resulting in a denial of service condition or the execution of arbitrary code.

Solution

The vendor has not yet provided a patch at this time (2015/03/10).

Please contact the vendor regarding a patch or workaround.

See Also

https://securityadvisories.paloaltonetworks.com/Home/Detail/29

http://www.nessus.org/u?c7a6ddbd

Plugin Details

Severity: High

ID: 81167

File Name: palo_alto_PAN-SA-2015-0002.nasl

Version: 1.16

Type: combined

Published: 2/4/2015

Updated: 7/24/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.8

CVSS v2

Risk Factor: High

Base Score: 7.6

Temporal Score: 6.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:paloaltonetworks:pan-os

Required KB Items: Host/Palo_Alto/Firewall/Version, Host/Palo_Alto/Firewall/Full_Version

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 1/12/2015

Exploitable With

Core Impact

Metasploit (Exim GHOST (glibc gethostbyname) Buffer Overflow)

Reference Information

CVE: CVE-2015-0235

BID: 72325

CERT: 967332