Palo Alto Networks Security Advisories / CVE-2015-0235

CVE-2015-0235 GHOST: glibc vulnerability

047910
Severity 0 · NONE
Attack Vector PHYSICAL
Attack Complexity HIGH
Privileges Required HIGH
User Interaction REQUIRED
Scope UNCHANGED
Confidentiality Impact NONE
Integrity Impact NONE
Availability Impact NONE

Description

The open source library “glibc” has been found to contain a recently discovered vulnerability (CVE-2015-0235, commonly referred to as “GHOST”) that has been demonstrated to enable remote code execution in some software. Palo Alto Networks software makes use of the vulnerable library, however there is no known exploitable condition in PAN-OS software enabled by this vulnerability at the time of this advisory. An update to PAN-OS will be made available that addresses CVE-2015-0235 in a regularly scheduled software maintenance update. (Ref # 74443)

The exploitability of CVE-2015-0235 on vulnerable systems is highly dependent on the architecture and design surrounding use of the vulnerable functions within the system, and exploitable conditions found across various open source software libraries have so far been exceedingly rare. At the time of this advisory, Palo Alto Networks is not aware of any specific remotely exploitable condition enabled by this vulnerability that affects any Palo Alto Networks products.

This issue affects PAN-OS versions prior to PAN-OS 7.0.1

Product Status

VersionsAffectedUnaffected
PAN-OS 7.0None>= 7.0.1

Severity: NONE

CVSSv3.1 Base Score: 0 (CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:N)

Weakness Type

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

Solution

PAN-OS 7.0.1

Workarounds and Mitigations

N/A

© 2020 Palo Alto Networks, Inc. All rights reserved.