Solved

“Ghost”, glibc vulnerability

Posted on 2015-01-29
5
201 Views
Last Modified: 2015-02-02
I am trying to find info regarding “Ghost”, glibc vulnerability in VMware esxi host.
Anyone up there dealing with it?
0
Comment
Question by:sara2000
  • 2
  • 2
5 Comments
 
LVL 118

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE) earned 500 total points
ID: 40577797
As of Jan 28th 2015, every appliance and ESXi host is vulnerable.

As soon as it's fixed, VMware will release patches, another patch hit the streets yesterday VMware vCenter Server 5.5 Update 2d (27 Jan 2015)

see here

https://substructurenetworks.wordpress.com/2015/01/28/how-to-determine-if-your-vmware-appliances-are-vulnerable-to-the-ghost-glibc-vulnerability/
0
 

Author Comment

by:sara2000
ID: 40577903
I do not see anything on VMware website unless I am wrong?
0
 
LVL 118
ID: 40577980
It's only just been discovered, give them time to evaluate and patch it!
0
 
LVL 61

Expert Comment

by:gheist
ID: 40578529
2d is patch for openssl holes and makes paranoid memory non-deduplication optional. There are couple of others, namely ones dealing with stability of vmscsi...
All suse and centos based solution (like admin appliance, vcenter appliance) machines are 100% vulnerable.
0
 
LVL 61

Expert Comment

by:gheist
ID: 40584805
They now stated that they have vulnerable library shipped, though they dont use the vulnerable functions.
So no need to patch if you do not have 3rd party agents. If you have vendor modules installed - ask them... Without them you are safe.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Remove a folder in Linux 9 89
Vcenter 6. Share datastore files across two esxi hosts 12 65
Get host nic mac address 19 51
unable to unmount datastore/ re-add host 7 20
In this article, I will show you HOW TO: Install VMware Tools for Windows on a VMware Windows virtual machine on a VMware vSphere Hypervisor 6.5 (ESXi 6.5) Host Server, using the VMware Host Client. The virtual machine has Windows Server 2016 instal…
In this article, I show you step by step with screenshots to assist you - HOW TO: Deploy and Install the VMware vCenter Server Appliance 6.5 (VCSA 6.5), with some helpful tips along the way.
Teach the user how to install log collectors and how to configure ESXi 5.5 for remote logging Open console session and mount vCenter Server installer: Install vSphere Core Dump Collector: Install vSphere Syslog Collector: Open vSphere Client: Config…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

947 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now