Accessibility Skip to content

Poly Systems - GHOST Impact

Vulnerability Summary

A vulnerability has been recently disclosed in the glibc gethostbyname() function used by some Linux and Linux-based operating systems. This vulnerability could potentially allow an attacker to inject code into a process that calls the vulnerable function.

 

Details

CVE-2015-0235, aka “GHOST” 

A heap-based buffer overflow was found in the __nss_hostname_digits_dots function of glibc 2.2, and other 2.x versions before 2.18, which is used by the gethostbyname() and gethostbyname2() glibc function calls. A remote attacker could potentially inject code into a process that calls the vulnerable functions to execute arbitrary code.

Published

Last Update: 3/11/2022
Initial Public Release: 1/29/2015
Advisory ID:  PLYGN15-01

CVE ID: CVE-2015-0235
CVSS Score: 10.0
CVSS: 2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C

Product Affected

PRODUCT

STATUS

Media Manager – All Versions 

Not Vulnerable 

CMAD (CMA Desktop) – All Versions 

Not Vulnerable 

CX5000 – All Versions 

Not Vulnerable 

Video Border Proxy (VBP) – All Versions 

FIXED – version 11.2.22 

CX Product Line, All Other Video Versions 

Not Vulnerable 

RealPresence Desktop – All Versions 

Not Vulnerable 

Group Series – All Versions 

Not Vulnerable 

Capture Station – All Versions 

Not Vulnerable 

RealPresence Access Director (RPAD) – All Versions 

Not Vulnerable 

CloudAXIS MEA – All Versions 

Not Vulnerable 

CloudAXIS WSP – All Versions 

FIXED – version 1.7.0 

Platform Director – All Versions 

FIXED – version 2.0 

HDX – All Versions 

FIXED – version 3.1.7 

RealPresence Resource Manager (RPRM) 

FIXED – version 8.3.1 

RSS 4000 – All Versions 

FIXED – version 8.5.3 

Distributed Media Application (DMA) – All Versions 

FIXED – version 6.2.1 and 6.1.3 

Capture Server 

FIXED – version 2.0 

Content Sharing Suite Client/Server – All Versions 

FIXED – version 1.5 

RealPresence Collaboration Server (RMX) – All Versions 

FIXED – 8.4.2 Hotfix available from support

RealPresence Mobile – All Versions 

Not Vulnerable 

UC Phones – VVX - All Versions 

FIXED – UCS 5.3 

UC Phones – SPIP & SSIP – All Versions 

Not Vulnerable 

Solution

Although there may be multiple attack vectors by which this vulnerability can be exploited, it seems to be challenging to exploit. Poly products do not make typical use of the most likely vectors of attack: MTAs, web-reachable diagnostic tools, or client applications such as web browsers.

Exploitation of this glibc vulnerability would require that a program on your Poly device performs a lookup of a host name provided by an attacker via a compromised DNS server.
The lookup would need to be done in a very particular manner and must lack some commonly employed sanity checks. Further, gethostbyname () functions have been obsoleted within
IPv6-supported applications by way of the getaddrinfo () call. We are continuing to investigate whether this completely mitigates the impact of this vulnerability on certain Poly devices.

An effective mitigation strategy will incorporate techniques both from within the product and within the deployment architecture. Steps that may be taken include but are not limited to: Protect your systems from corrupted outside servers via network firewalling or separation. Protect your systems from unauthorized access with named accounts and complex passwords. Use firewalls or VLAN’s to limit scope of name lookups. Use IP addresses rather than names where possible. Use IPv6 where possible.

 

Workaround

There is no workaround.

Contact

Any customer using an affected system who is concerned about this vulnerability within their deployment should contact Poly Technical Support(888) 248-4143, (916) 928-7561, or visit the Poly Support Site.

 

Revision History
VERSION DATE DESCRIPTION

1.0

1/29/2015

Original publication

1.1

NA

Unpublished

1.2

2/4/2015

New Products Added

1.3

2/24/2015

Many Products Added; Some Edits

1.4

2/27/2015

RPAD returned to NOT VULNERABLE, better detail on phones

1.5

3/16/2015

Updated fix and release information

1.6

4/10/2015

Updated fix and release information

1.7

4/20/2015

Updated fix and release information

1.8

4/30/2015

Updated fix and release information

1.9

5/19/2015

Updated fix and release information

2.0

10/23/2015

Final – Updated fixed status on all products

3.0

3/11/2022

Format Changes


©2022 Plantronics, Inc. All rights reserved.

Trademarks
Poly, the propeller design, and the Poly logo are trademarks of Plantronics, Inc.  All other trademarks are property of their respective owners. No portion hereof may be reproduced or transmitted in any form or by any means, for any purpose other than the recipient's personal use, without the express written permission of Poly.

Disclaimer
While Poly uses reasonable efforts to include accurate and up-to-date information in this document, Poly makes no warranties or representations as to its accuracy. Poly assumes no liability or responsibility for any typographical errors, out of date information, or any errors or omissions in the content of this document. Poly reserves the right to change or update this document at any time. Individuals are solely responsible for verifying that they have and are using the most recent Technical Bulletin. 

Limitation of Liability
Poly and/or its respective suppliers make no representations about the suitability of the information contained in this document for any purpose. Information is provided "as is" without warranty of any kind and is subject to change without notice. The entire risk arising out of its use remains with the recipient. In no event shall Poly and/or its respective suppliers be liable for any direct, consequential, incidental, special, punitive, or other damages whatsoever (including without limitation, damages for loss of business profits, business interruption, or loss of business information), even if Poly has been advised of the possibility of such damages.