Exadata’s comp nodes and storage cells may be vulnerable to the glibc “GHOST” exploit that’s currently in the tech news (full control of remote systems can be obtained through gethostbyname()).
Remedial steps for Exadata can be found here:
glibc vulnerability (CVE-2015-0235) patch availability for Oracle Exadata Database Machine (Doc ID 1965525.1)
As it’s a vulnerability with glibc, other RHEL / OEL systems might also be affected. “Unpatched” versions of glibc from 2.2 to 2.17 contain the exploit.
To check whether a system is vulnerable:
rpm -q glibc
If the version of glibc matches or is more recent than the versions below, the system is NOT vulnerable to the exploit.
• RHEL 5: 2.5-123
• RHEL 6: 2.12-1.149
• RHEL 7: 2.17-55
If the installed version is older than these versions, “yum update glibc” will install the latest version. A server reboot is necessary.