Last updated on February 17, 2016 @ 18:00 GMT
Overview
A vulnerability in the Linux glibc system library can be exploited to gain root access to the server and execute code. A specially crafted DNS response may cause a stack buffer overflow on Linux systems.
Kerio Cloud
All systems in Kerio Cloud are patched and up to date.
Kerio Connect
Affected systems
All Linux systems supported by Kerio Connect, including Debian, Ubuntu, Red Hat and CentOS.
Solution
Keep your operating system updated and restart the server after installing the latest glibc updates; processes that are already running keep using the old library until they are restarted.
Debian 8
Run sudo apt-get update and sudo apt-get upgrade in a terminal to keep your system up to date.
To view the installed library version, run sudo dpkg -s libc6. The correct version is 2.19-18+deb8u3.
Debian 7 (& Kerio Connect 8.3.x and higher virtual appliance)
Run sudo apt-get update and sudo apt-get upgrade in a terminal to keep your system up to date.
To view the installed library version, run sudo dpkg -s libc6. The correct version is 2.13-38+deb7u10.
Debian 6 (& Kerio Connect 8.2.x and older virtual appliance)
Run sudo apt-get update and sudo apt-get upgrade in a terminal to keep your system up to date.
To view the installed library version, run sudo dpkg -s libc6. The correct version is 2.11.3-4+deb6u11.
Red Hat 6, 7
The update is available via Red Hat Network.
CentOS 6, 7
Run sudo yum update in a terminal. The fixed library versions are listed at https://access.redhat.com/errata/RHSA-2016:0176. You can get the version of the installed library with the sudo rpm -q glibc command.
Ubuntu 12.04 LTS, 14.04 LTS
Run sudo apt-get update and sudo apt-get upgrade in a terminal to keep your system up to date.
To view the installed library version, run sudo dpkg -s libc6. The correct library version is listed at http://www.ubuntu.com/usn/usn-2900-1/.
Kerio Connect Virtual Appliance update
Before running the apt-get update command, make sure that the /etc/apt/sources.list file contains an updated list of Debian package repositories. The list should contain three repositories: main packages, updates, and security updates.
To edit the file, use the sudo nano /etc/apt/sources.list command.
For Debian 7 (Wheezy) the file should contain:
deb http://ftp.debian.org/debian wheezy main
deb-src http://ftp.debian.org/debian wheezy main
deb http://ftp.debian.org/debian wheezy-updates main
deb-src http://ftp.debian.org/debian wheezy-updates main
deb http://security.debian.org/ wheezy/updates main
deb-src http://security.debian.org/ wheezy/updates main
For Debian 6 (Squeeze) the file should contain:
deb http://ftp.debian.org/debian/ squeeze main contrib
deb-src http://ftp.debian.org/debian/ squeeze main contrib
deb http://security.debian.org/ squeeze/updates main contrib
deb-src http://security.debian.org/ squeeze/updates main contrib
deb http://ftp.debian.org/debian squeeze-lts main contrib
deb-src http://ftp.debian.org/debian squeeze-lts main contrib
Kerio Control
The Kerio Control box, software appliance and virtual appliance up to version 9.0.1 contain the vulnerable glibc library.
From Kerio Control 9.0.1 patch 2 onward this has been fixed. You can run the upgrade from the product administration or download the update package from the Kerio website.
Kerio Operator
The Kerio Operator box and software appliance up to version 2.4.5 contain the vulnerable glibc library.
From Kerio Operator 2.4.5 patch 2 onward this has been fixed.
MyKerio
MyKerio cloud service is not affected by CVE-2015-7547.
Priyanka Bhotika