The Virtual Storage Guy: A Perspective on Data Storage from Clouds to Analytics
  • All-Flash-Arrays
  • Cloud Computing
  • Technology & Trends
  • About
  • Books

GHOST Critical Vulnerability in Pure Storage Systems

February 18, 2015Best Practices, SecurityNo commentsVaughn Stewart

If you're new here, consider subscribing to my RSS feed. Cheers!

CVE-2015-0235 or GHOST is a critical vulnerability in the LINUX glibc library. Its a buffer overflow bug affecting the gethostbyname() and gethostbyname2() function calls. This vulnerability allows a remote attacker that is able to make an application call to either of these functions to execute arbitrary code with the permissions of the user running the application.

Customers running Purity O.E. versions 3.4.x, 4.0.x, 4.1.x and later are not vulnerable to GHOST; however, all running versions 3.3.x and earlier are susceptible and should contact Pure support to upgrade and address this issue.

Cloud Assist is not vulnerable to GHOST.

This information was originally posted in the Pure Storage Communities. If you’re a customer or partner and not a community member, consider signing up.

Related

Previous post Pure Storage at VMware PEX: Join us for Flash and One-on-One briefings Next post Hyper-Converged Infrastructures are not Storage Arrays

Leave a Reply Cancel reply

VP of Technology at Pure Storage. Strategic thinker, provocative blogger & author. Imported from Detroit, refined in Silicon Valley.

  • Google+
  • Linkedin
  • RSS
  • Twitter

Categories

  • Alignment
  • All-Flash-Arrays
  • APIs
  • Backup & DR
  • Best Practices
  • Big Data
  • Cisco
  • Citrix
  • Cloud Computing
  • Compression
  • Converged Infrastructures
  • Deduplication
  • Desktop Virtualization
  • DevOps
  • Disk-Based Arrays
  • Disruptive Technology
  • Flash
  • Hyper-V
  • Infrastructure 2.0
  • KVM
  • Management
  • NAS
  • Object
  • OpenStack
  • Oracle
  • Orchestration
  • Performance
  • Pure Storage 101
  • SAN
  • Scale-Out
  • Scale-Up
  • Security
  • Software-Defined Storage
  • Storage Tiering
  • Storage Virtualization
  • Tech Trends
  • Thin Provisioning
  • Traditional Storage
  • Unified Storage
  • VMFS
  • VMware
  • VSA
  • VVOLs

Archives

Avatars by Sterling Adventures

Subscribe via Email

Subscribe to this blog and receive notifications of new posts by email.

The published content expresses my personal prospective. These posts are not official statements of my employer, Pure Storage. Thanks for reading. - Vaughn
BlogWithIntegrity.com