188金宝搏的网址_188金博的官方网址导航

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Aruba Product Security Advisory ===============================咨询ID: Aruba - psa -2015-002 CVE: CVE-2015-0235发布日期:2015-02-05 Status: Not vulnerable Revision:1标题=====缓冲区溢出在glibc，又名“GHOST”概述========基于堆的缓冲区溢出在__nss_hostname_digits_dots函数在glibc和其他2。x2.18之前的版本，允许上下文依赖的攻击者通过与(1)gethostbyname或(2)gethostbyname2函数相关的向量执行任意代码，也就是“GHOST”。受影响的Aruba产品=======================无详细信息=======更多关于漏洞本身的详细信息请参见http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0235。多个Aruba产品构建在Linux和其他开源产品之上。这些产品中存在一个“glibc”C库的脆弱版本。然而，GHOST漏洞需要一组特定的条件才能被利用。Aruba分析了所有Aruba产品中漏洞功能的使用情况，并确定该漏洞不能通过任何标准接口被利用。解决方案========== Aruba将在产品维护的正常过程中修补所有产品的C库。一般来说，在发布咨询之后的下一个可用的维护版本将包含修复。 This is being done as a precaution, to ensure that any new features developed in the future do not become vulnerable through GHOST. AirWave customers may manually apply a fix by logging into a root shell and issuing the command: yum update glibc Obtaining Fixed Software ======================== Aruba customers can obtain software updates on the support website: http://support.arubanetworks.com Aruba Support contacts are as follows: +1-800-WiFiLAN (1-800-943-4526) (toll free from within North America) +1-408-754-1200 (toll call from anywhere in the world) The full contact list is at: //www.nexbus-cng.com/support-services/support-program/contact-support/ e-mail: support(at)arubanetworks.com Please do not contact "sirt(at)arubanetworks.com" for software upgrades. Revision History ================ Revision 1.0 / 2015-Feb-05 / Initial release Aruba SIRT Security Procedures ============================== Complete information on reporting security vulnerabilities in Aruba Networks products, obtaining assistance with security incidents is available at: //www.nexbus-cng.com/support-services/security-bulletins/ For reporting *NEW* Aruba Networks security issues, email can be sent to sirt(at)arubanetworks.com. For sensitive information we encourage the use of PGP encryption. Our public keys can be found at: //www.nexbus-cng.com/support-services/security-bulletins/ (c) Copyright 2015 by Aruba Networks, Inc. This advisory may be redistributed freely after the release date given at the top of the text, provided that redistributed copies are complete and unmodified, including all date and version information. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBCAAGBQJU06ZFAAoJEJj+CcpFhYbZLkYH/15eCD7DIOLSGnFVTE4Xm/A5 nGTcKs0h35NUgcvpnilUrDvu4JLp927GSeeSYfVtYjRIQEQ6aHSas5Jlzh81A1/z Y1UTmqPvtsxCo7W+H4EpJ+wBtx1urAoiW/7FKW64W9UCH790H66IGWFTpZ/FXdwN CyosVcvJPAjMi5eicbEnqX9RyqDg8bp/9sjvVurOP2YswuZfMxs9x8wixlYQgyCW aw8RCa07xlNj5ZMB5aOiCj4LM89Gm7DvTjr1Eta64sTbQCt4bTMp63VSQ75C2kjS x3nzyFA1DZizN/zM/yRvB4TCrMzpqmFP8kBD9/CcqkI4C2twxX7MyrX87kgq7HQ= =X9r6 -----END PGP SIGNATURE-----