Is AsyncOS vulnerable to New Critical GLibc Vulnerability CVE-2015-0235 (aka Ghost)

Paul Bendall
Level 1

Raising for awareness in the community.

New Critical GLibc Vulnerability CVE-2015-0235 (aka GHOST)

https://isc.sans.edu/diary/New+Critical+GLibc+Vulnerability+CVE-2015-0235+%28aka+GHOST%29/19237

Raised a support case and the current update is that Cisco is investigating if AsyncOS is vulnerable.

Paul

5 Replies

On a Cisco Nexus 7000 I get the following in the Admin VDC with priv 15 rights:

 

---snip---

Admin-VDC# >>> import sys
Admin-VDC# >>> print (sys.version)
2.7.2 (default, Oct 25 2012, 22:15:30)
[GCC 4.3.2]
Admin-VDC# >>> import platform
Admin-VDC# >>> platform.libc_ver()
Permission denied. Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/isan/python/scripts/platform.py", line 163, in libc_ver
    f = open(executable,'rb')
IOError: [Errno 13] Permission denied: '/isan/bin/vsh'

 

---snap---

 

On the Catalyst platforms without EEM I don't believe that there is a glibc.

 

kind regards,

flo

Jens Roesen
Level 1

Since AsyncOS is based on FreeBSD, which comes with BSD libc, it should not be vulnerable. I ran the test code provided by Qualys on an ESA 8.5.6-074 and the libc version was not vulnerable.
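
The two checks discussed in the replies above (which libc is in use, and whether its version is in the GHOST range) can be sketched as follows. This is an added example, not part of any reply and not the Qualys test code; the function names are hypothetical, and the range used (glibc 2.2 through 2.17, fixed upstream in 2.18) is taken from the public GHOST advisory rather than from this thread.

```python
import ctypes
import re

# Assumption from the public GHOST advisory (not stated in this thread):
# glibc 2.2 through 2.17 are affected; the upstream fix is in 2.18.
FIRST_AFFECTED = (2, 2)
FIRST_FIXED = (2, 18)


def parse_version(text):
    """Turn '2.17' or '2.12.2' into (major, minor); None if unparseable."""
    m = re.match(r"^(\d+)\.(\d+)", text.strip())
    return (int(m.group(1)), int(m.group(2))) if m else None


def classify(libc_name, version_text):
    """Classify a (libc family, version string) pair for CVE-2015-0235."""
    if libc_name != "glibc":
        return "not-glibc"  # e.g. BSD libc, a different code base
    version = parse_version(version_text or "")
    if version is None:
        return "unknown"
    if FIRST_AFFECTED <= version < FIRST_FIXED:
        # Distributions backport fixes without changing the version number,
        # so confirm this result against the vendor's errata.
        return "affected-range"
    return "outside-affected-range"


def running_libc():
    """Ask the libc already loaded into this process for its version.

    Unlike platform.libc_ver(), this does not open the interpreter binary
    on disk, so it needs no read access to that file.
    """
    try:
        libc = ctypes.CDLL(None)        # symbols of the running process
        fn = libc.gnu_get_libc_version  # symbol exported only by glibc
    except (OSError, AttributeError, TypeError):
        return ("other", None)
    fn.restype = ctypes.c_char_p
    return ("glibc", fn().decode("ascii"))


if __name__ == "__main__":
    name, ver = running_libc()
    print(name, ver, classify(name, ver))
```

A result of "affected-range" is a prompt to check the vendor advisory, not proof of exposure, and "not-glibc" matches the FreeBSD reasoning given for AsyncOS.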

Robert Sherwin
Cisco Employee

Currently it is being reviewed and looked into:

http://tools.cisco.com/security/center/viewAlert.x?alertId=37181

Please refer to the following information, as provided from our Product Security Incident Response Team (PSIRT):

Complete information about reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco is available on Cisco.com at:

http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html 

This web page includes instructions for press inquiries regarding Cisco Security Advisories. All Cisco Security Advisories are available at:

http://www.cisco.com/go/psirt

Official notice:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost

Affected and not affected products will be updated and included via this notice.  Please see this reference-able link for all related information.

-Robert

Mathew Huynh
Cisco Employee

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost

As per this notification updated by our PSIRT team.


Your Cisco Security Devices are not vulnerable.

Under Not Vulnerable.

---

Network and Content Security Devices

  • Cisco Adaptive Security Device Manager
  • Cisco Content Security Management Appliance (SMA)
  • Cisco IronPort Email Security Appliance
  • Cisco Web Security Appliance (WSA)

---