Palo Alto Networks PAN-OS <= 5.0.15 / 6.0.x <= 6.0.8 / 6.1.x <= 6.1.2 GNU C Library (glibc) Buffer Overflow (GHOST)
High Nessus Plugin ID 81167
SynopsisThe remote host is affected by a buffer overflow vulnerability.
DescriptionThe remote host is running a version of Palo Alto Networks PAN-OS equal to or prior to 5.0.15 / 6.0.8 / 6.1.2. It is, therefore, affected by a heap-based buffer overflow in the GNU C Library (glibc) due to improperly validating user-supplied input in the glibc functions __nss_hostname_digits_dots(), gethostbyname(), and gethostbyname2(). This allows a remote attacker to cause a buffer overflow, resulting in a denial of service condition or the execution of arbitrary code.
SolutionThe vendor has not yet provided a patch at this time (2015/03/10).
Please contact the vendor regarding a patch or workaround.