Ghost Vulnerability

User photo
Name
D. SKye Hodges!

In case anyone is following this:

Security, Bomgar Security Notice for CVE-2015-0235

Question

Security, Bomgar Security Notice for CVE-2015-0235

Answer

Bomgar Security Notice for CVE-2015-0235

Bomgar is aware and monitoring the new CVE-2015-0235 and it’s applicability to Bomgar. Qualys discovered a buffer overflow in a function of the GNU C Library (glibc). It’s exploitable remotely and makes it possible to achieve arbitrary code execution. Bomgar does utilize a version of Glibc that is identified in the CVE however based on the information available there is no unauthenticated path in Bomgar that is vulnerable. Out of caution Bomgar is currently planning to release a patch in the near term that addresses the finding. Once the patch is made available it will be placed in the Bomgar Self Service portal or via the check for updates in /appliance.

  1. User photo
    Name
    Jade
    Company
    e-Xpert Solutions

    Hello,

    any news for the patch ?

    How bomgar will communicates about it ?

    Thank you

  2. User photo
    Name
    Benny

    ‚ÄčIs this the same as CVE-2015-7547? https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html

    If severe enough Bomgar support will email you, but otherwise check for a patch at: https://help.bomgar.com/ssc/

Register or log in to leave a reply to this thread.