Hello everyone,
In case you haven't noticed, there is a critical bug going around these days in glibc that has successfully been remotely exploited through gethostbyname in exim (and possibly everywhere in Linux where a name is resolved):
oss-security - Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow
I was unable to quickly assess if UTM is affected. Since the bug only affects older versions of glibc (2.17 and down. 2.18 and up are safe), it is likely not a problem. However, you might want to keep an eye on news.
That old bug wasn't thought to be a security issue until recently. Now, a PoC against exim has already been tested and Metasploit is adding a module to its catalog (should be there soon).
I'm sure the community would appreciate a word from Sophos regarding this (which version of UTM - if any - is affected). At the very least, I would [:P]
Some extra info:
https://security-tracker.debian.org/tracker/CVE-2015-0235
Highly critical
Edit:
"ldd --version" returns "ldd (GNU libc) 2.11.3". Looks like we might be looking at an emergency patch and reboot.