Skip to Content
This is the latest documentation for BMC Helix Network Management (formerly known as Netreo).

 

Is there any exposure to the Ghost exploit?

Short Answer

Based on our testing and research, we believe that BMC Helix Network Management is NOT vulnerable to this exploit at this time.

In January 2015, Qualys announced the existence of a security vulnerability GHOST-CVE-2015-0235.txt (also known as Ghost) in one of the underlying libraries that is used in almost all Linux-based operating systems.

This is a serious vulnerability in one of the most central software libraries in Linux and Unix (glibc), and affects almost all executable programs that use DNS or name lookups. A remote attacker able to call either of the compromised functions could exploit the flaw to execute arbitrary code with the permissions of the user running the application.

In a later post, Qualys researchers enumerated applications they believed were not vulnerable. Those apps include Apache, OpenSSH, and Postfix, which are the only applications used by BMC Helix Network Management that are accessible over the network.

Based on our most current testing and research, as well as our “defense-in-depth” security implementation on the BMC Helix Network Management appliance, we believe that a standard deployment of BMC Helix Network Management is not vulnerable to this exploit at this time. However, it is possible as new information is discovered that novel ways to exploit the vulnerability may be found. For this reason, BMC Helix Network Management is preparing at the time of this writing (January 28, 2015) a software patch to replace the vulnerable libraries in all of the applications present on the BMC Helix Network Management software image. A notice will be emailed out to all customers on the BMC Helix Network Management Software Announcements mailing list as soon as a patch is available to install.

In practice, the risk of this type of exploit for BMC Helix Network Management customers is very low anyway, as BMC Helix Network Management is typically deployed behind the customer firewall and is not publicly accessible to outside attackers. BMC Helix Network Management also includes intrusion prevention technology to dynamically respond to attempts to gain unauthorized access. Please see the Appliance Security page for more information.

If you have any concerns, please feel free to contact BMC Helix Support.

 

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC Helix Network Management