The impact of the GHOST vulnerability on TIBCO's software products
Article ID: KB0108211
Updated On:
| Products | Versions |
|---|---|
| TIBCO Enterprise Message Service | - |
| TIBCO FTL | - |
| TIBCO ActiveSpaces | - |
Description
Description:
The GHOST (gethostbyname()heap overflow in glibc) vulnerability is a recently announced serious weakness in the Linux glibc library. An attacker could use this weakness take control of your system remotely without any previous knowledge of system credentials. The following TIBCO products make calls to the glibc library and therefore are exposed to this vulnerability if they are running on an affected Linux distribution.
- TIBCO Enterprise Message Service™ (EMS) - all versions on Linux
- TIBCO Rendezvous® (RV) - all versions on Linux
- TIBCO FTL® (FTL) - all versions on Linux
- TIBCO ActiveSpaces® - all versions on Linux
- TIBCO iProcess Products™ - all versions on Linux
TIBCO makes every effort to use industry standard best practices in our product development which includes dynamically linking with system libraries. TIBCO strongly recommends that our customers follow the recommendations of their Linux provider to upgrade their systems using the "package manager" for their distribution as soon as it is feasible. When your TIBCO processes are restarted they will automatically pick up the new libraries.
TIBCO does not anticipate any compatibility problems from patching the Linux system and we will continue to fully support our products in environments that have been properly patched.
Environment
TIBCO Enterprise Message Service™(EMS) - all versions on Linux
TIBCO Rendezvous®(RV) - all versions on Linux
TIBCO FTL®(FTL) - all versions on Linux
TIBCO ActiveSpaces®- all versions on Linux
TIBCO iProcess™- all versions on Linux
Issue/Introduction
The impact of the GHOST vulnerability on TIBCO's software products
Additional Information
Feedback
Yes
No
Powered by
