Blade ZipKit - Ghost Vulnerability GLIBC Detection

Version 2

    Blade ZipKit - Ghost GLIBC Detection


    Blade ZipKit Package Info

    Name: Ghost Vulnerability GLIBC Detection

    Type:Component Template + Sensor

    BSA Compatible Version: 8.5.x

    Version: 1.0

    Created by: richard mcleod

    Tested version on:

    Tested against host running: Red Hat


    This component template checks for vulnerable versions of glibc on linux(redhat) boxes per CVE-2015-0235. It leverages an EO which is based on the ghost detection script that was provided by RedHat.


    CVE Disclosure: CVE -CVE-2015-0235
    Red Hat Response: GHOST: glibc vulnerability (CVE-2015-0235) - Red Hat Customer Portal

    Red Hat Ghost Detector Script:


    You'll have to import and deploy the sensor before you import the component template.


    1. Download and extract the zip file.

    2. Navigate to the Jobs folder and choose Import

    3. Point the import to the folder: ghost_glibc_detection-sensor-deploy

    3.a Complete the import (this should have added the sensor file, sensor bl package to the depot and sensor bl deploy job to the Jobs space)

    4 Open the BL Package from the Depot

    4.a Set the location of the sensor file to the path of the sensors folder (hopefully this is the same across your app/config servers

    Final path should look something like this: /C/Program Files/BMC Software/BladeLogic/NSH/share/sensors/ghost_glibc_detection.LINUX

    5. Deploy the BL Package to all of your app/config servers

    6. Open the Config Object Dictionary (Configuration -> Config Object Dictionary View)

    7. Choose the Import Configuration Object icon

    8. Point the import to the folder: ghost_glibc_detection_Linux

    8.a Complete the import

    9. Navigate to the Jobs folder, choose a folder, right click and select Import

    10. Point the import to the folder: ghost_glibc_detection-dc

    10.a Complete the import

    11. Execute the ghost_glibc_detection-dc job against hosts