SynopsisThe remote device is affected by a remote code execution vulnerability.
DescriptionThe version of Cisco NX-OS software running on the remote device is affected by a remote code execution vulnerability known as GHOST. A heap-based buffer overflow condition exists in the GNU C Library (glibc) due to improper validation of user-supplied input to the glibc functions __nss_hostname_digits_dots(), gethostbyname(), and gethostbyname2(). An unauthenticated, remote attacker can exploit this to cause a buffer overflow, resulting in a denial of service condition or the execution of arbitrary code.
SolutionUpgrade to the relevant fixed version referenced in the vendor advisory.