cloudstack-dev mailing list archives

From Erik Weber <terbol...@gmail.com>
Subject Re: Ghost glibc vulnerability and CloudStack
Date Thu, 29 Jan 2015 12:34:52 GMT
Is apache httpd configured to disable hostname lookups (for access/error
log)?

If not, it is easy to trigger a reverse DNS lookup just by connecting to it
(which various scanners / exploiters do regularly).

That's not to say that httpd is vulnerable, though. Has the httpd project
given any info about their codebase?


-- 
Erik

On Thu, Jan 29, 2015 at 12:18 PM, Abhinandan Prateek <
abhinandan.prateek@shapeblue.com> wrote:

> The only way a user can directly reach SSVM is by using download template.
> To be able to get SSVM do a DNS lookup for some host as desired by the
> attacker, by using download template functionality looks far fetched.
>
> --
> Abhinandan Prateek
>
> M +919701199011
> abhinandan.prateek@shapeblue.com
>
> > On 29-Jan-2015, at 4:00 pm, Nux! <nux@li.nux.ro> wrote:
> >
> > As far as the SSVM is concerned, can this be exploited remotely?
> >
> > Lucian
> >
> > --
> > Sent from the Delta quadrant using Borg technology!
> >
> > Nux!
> > www.nux.ro
> >
> > ----- Original Message -----
> >> From: "John Kinsella" <jlk@stratosec.co>
> >> To: dev@cloudstack.apache.org
> >> Sent: Wednesday, 28 January, 2015 21:17:42
> >> Subject: Re: Ghost glibc vulnerability and CloudStack
> >
> >> https://blogs.apache.org/cloudstack/entry/cloudstack_and_the_ghost_glibc has now
> >> been updated with links to download the updated SSVM
> >>
> >> John
> >>
> >> On Jan 28, 2015, at 11:55 AM, John Kinsella <jlk@stratosec.co> wrote:
> >>
> >> There’s a new vulnerability out in most Linux distributions that has potential
> >> to be fairly severe. As it affects most Linux distributions, we’re putting
> >> mitigation steps out immediately at [1].
> >>
> >> This affects many Linux distributions, so please review management servers,
> >> databases, storage systems, etc.
> >>
> >> An updated SSVM template is being QAed, once released the post will be updated
> >> with links and we’ll mention here as well.
> >>
> >> John
> >> 1: https://blogs.apache.org/cloudstack/entry/cloudstack_and_the_ghost_glibc
>
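
An added example, not part of the thread and not CloudStack or httpd project code: a check for the question in Erik Weber's message, listing the httpd directives that make the server resolve connecting clients in DNS. The sample configuration is constructed; besides `HostnameLookups`, the check also flags hostname-based `Require host` / `Allow from` / `Deny from` rules, which trigger lookups even when `HostnameLookups` is off.

```python
import re

# Directives that make httpd resolve the connecting client's address in DNS.
LOOKUP = re.compile(r"HostnameLookups\s+(\S+)", re.I)
HOST_ACL = re.compile(r"(Require\s+(?:not\s+)?host|Allow\s+from|Deny\s+from)\s+(.+)", re.I)
SECTION_OPEN = re.compile(r"<(\w+)\s*([^>]*)>")
SECTION_CLOSE = re.compile(r"</\w+>")
# Full or partial IPv4, IPv6 and netmask/CIDR arguments are matched without DNS.
IP_LIKE = re.compile(r"(?:[\d.]+|[0-9a-fA-F:]*:[0-9a-fA-F:.]*)(?:/[\d.]+)?$")

# Constructed sample configuration (not taken from the SSVM template).
SAMPLE = """\
# constructed sample
HostnameLookups Off
<VirtualHost *:443>
    HostnameLookups On
    <Directory "/srv/www">
        Require host example.org
        Require ip 10.0.0.0/8
    </Directory>
</VirtualHost>
<Location "/status">
    Allow from 192.168.1 partner.example.net
</Location>
"""

def audit_httpd_conf(text):
    """Return (line_no, context, directive) for settings that cause client DNS lookups."""
    findings, stack = [], []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        context = " > ".join(stack) or "server config"
        if SECTION_CLOSE.match(line):
            if stack:
                stack.pop()
        elif m := SECTION_OPEN.match(line):
            stack.append(f"{m.group(1)} {m.group(2)}".strip())
        elif m := LOOKUP.match(line):
            if m.group(1).lower() in ("on", "double"):
                findings.append((no, context, line))
        elif m := HOST_ACL.match(line):
            names = [a for a in m.group(2).split() if a.lower() != "all"
                     and not a.lower().startswith("env=") and not IP_LIKE.match(a)]
            if names:
                findings.append((no, context, f"{m.group(1)} {' '.join(names)}"))
    return findings
```

An empty result means no directive in the inspected text enables client hostname resolution; files pulled in through `Include` have to be passed to the function separately.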
