A note from Katabat Director of Information Security, Arthur Haigh
Wilmington, DE, January 28, 2015 – On Tuesday, January 27th, a critical vulnerability affecting all variants of the Linux operating system was announced (Linux Ghost Remote Code Execution Vulnerability US-CERT). The risk of exploitation on Katabat (formerly CMC Agile) systems is low.
This vulnerability, CVE-2015-0235, is being referred to as the GHOST vulnerability. If exploited attackers could use this flaw to execute code and remotely gain control of Linux machines. Risk to Katabat systems is low as Katabat has multiple compensating controls and defenses in place to prevent unauthorized access to our systems and prevent exploitation of this vulnerability. Despite this, Katabat engineers have already begun applying the patch to affected systems. We will continue this patching effort with the highest priority, while minimizing the client-facing impact to our software and services.
For further information about Katabat’s capabilities, please contact your Katabat (formerly CMC Agile) Account Manager directly or via firstname.lastname@example.org or Joel Rickman via email@example.com