Frequently Asked Questions and Responses related to CVE-2015-0235 Heap-based buffer overflow aka “GHOST”
What is the issue?
On January 27, 2015, a vulnerability was publicly announced in the Linux glibc library. Security researchers discovered a buffer overflow in one of the functions of the GNU C Library (glibc), aka the “GHOST” vulnerability. The vulnerability could be exploited remotely to run arbitrary code on affected systems.
For more details on this vulnerability, please refer to:
- https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0235
What components of Syncplicity are affected?
The issue impacts the following Syncplicity components:
- EMC Syncplicity Enterprise Edition On-Premise Storage Connector (versions 2.2.1.2 and prior)
- Linux servers in the production Syncplicity infrastructure
Was Syncplicity compromised due to this vulnerability?
We have no evidence or reason to believe any Syncplicity systems were compromised in relation to this vulnerability.
What steps were taken to remediate the vulnerability?
EMC Syncplicity has patched all of our production Linux servers that are potentially impacted by this vulnerability.
What steps do customers need to take to remediate the vulnerability?
There is no action needed by EMC Syncplicity Personal Edition, Business Edition, and Enterprise Edition cloud storage customers to remediate this vulnerability.
EMC Syncplicity Enterprise Edition on-premise storage account administrators are advised to patch their on-premise Storage Connector servers. EMC recommends the following steps for each Storage Connector Node:
- Log into the Storage Connector node
- Check the version of glibc with rpm by issuing the command “rpm -q glibc” (don't enter the quotes)
The output should look like this, with the package name followed by version information:
glibc-2.12-1.132.el6_5.4.x86_64
If the version of glibc matches, or is more recent than, the one listed here, you are safe from the GHOST vulnerability:
glibc-2.12-1.149.el6_6.5
If the version of glibc is older than the one listed here, your system is vulnerable to GHOST and should be updated.
- Update glibc to the latest version available via yum by issuing the command “sudo yum update glibc” (don't enter the quotes)
- When the update is complete, reboot the Storage Connector server.
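The version check from the steps above as a script (an added example, not EMC's or Syncplicity's tooling). It assumes GNU `sort -V` as an approximation of RPM version ordering and treats only el6 builds as comparable to the fixed version named in this FAQ; the function names are hypothetical.

```sh
#!/bin/sh
# Added example (not vendor tooling): classify a glibc package string against
# the fixed build named in this FAQ. GNU `sort -V` stands in for RPM version
# ordering, which is an approximation that holds for el6 glibc builds.

FIXED="2.12-1.149.el6_6.5"   # fixed version-release, taken from the FAQ

# strip_nvr PKG: drop the "glibc-" prefix and a trailing architecture suffix.
strip_nvr() {
    printf '%s\n' "$1" |
        sed -e 's/^glibc-//' -e 's/\.x86_64$//' -e 's/\.i[3-6]86$//'
}

# ghost_status PKG: print "patched", "vulnerable" or "unknown".
ghost_status() {
    vr=$(strip_nvr "$1")
    case "$vr" in
        *.el6*) ;;                        # threshold is an el6 build
        *) echo unknown; return 0 ;;      # other distro releases: do not guess
    esac
    # The lower of the two strings sorts first; if that is FIXED, the
    # installed build is equal to or newer than the fix.
    lowest=$(printf '%s\n%s\n' "$vr" "$FIXED" | sort -V | head -n 1)
    if [ "$lowest" = "$FIXED" ]; then
        echo patched
    else
        echo vulnerable
    fi
}

# check_installed: classify every glibc package rpm reports (multilib hosts
# list one per architecture; all of them must be patched).
check_installed() {
    rpm -q glibc | while read -r pkg; do
        printf '%s: %s\n' "$pkg" "$(ghost_status "$pkg")"
    done
}

# Only query the live system when asked, so the functions can be sourced.
if [ "${1:-}" = "--live" ]; then
    check_installed
fi
```

Run it with `--live` on a Storage Connector node before and after the update; the reboot in the last step is still needed so that running processes load the updated library.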
What additional measures is Syncplicity recommending to reduce the risk associated with this vulnerability?
While Syncplicity does not have additional recommendations at this time, EMC Syncplicity Enterprise Edition on-premise customers are advised to conduct their own risk assessment based on their specific configuration and take necessary precautions.
EMC recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided "as is" without warranty of any kind. EMC disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall EMC or its suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if EMC or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply.