GHOST Vulnerability: CVE-2015-0235

 


Background Information:

On January 27, 2015, cloud security provider Qualys announced a vulnerability in all versions of the GNU C library (glibc).

 

Details:

According to Red Hat's CVE Database:

A heap-based buffer overflow was found in glibc's __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application.

 

How to check my Glibc version?

To check your glibc version, simply run:

ldd --version

Please note that ldd might not be installed on some Linux systems.

 

How to update my glibc?

1. For Ubuntu and other Debian-based systems, run the following:

$ sudo apt-get update
$ sudo apt-get dist-upgrade

Once the update is done, reboot your system:

$ sudo reboot

2. For Red Hat, CentOS, CloudLinux and other rpm-based/yum-based systems, run the following:

$ yum update glibc

Once the update is done, reboot your system:

$ reboot

For Red Hat Linux, CentOS and CloudLinux, you can check if your glibc is updated by running:

rpm -q --changelog glibc | grep CVE-2015-0235

If a changelog is shown, then your system is protected against this vulnerability.
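
The reboot in the steps above matters because processes started before the update keep the old libc mapped in memory until they restart. The script below is an added example, not part of the original post: it lists processes that still map a deleted (replaced) libc, which is useful when a host cannot be rebooted right away. The function names and the `--scan` switch are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original post).
# After a glibc update, the old library file is unlinked but stays mapped
# in every process that was started before the update. /proc/PID/maps
# marks such mappings with a trailing "(deleted)".

# Print the PIDs whose maps still reference a deleted libc.
# $1: proc root. Assumption: defaults to /proc; it is a parameter so the
#     function can also be run against a constructed directory.
stale_libc_pids() {
    root="${1:-/proc}"
    for maps in "$root"/[0-9]*/maps; do
        # Reading other users' maps needs root; unreadable entries are skipped.
        [ -r "$maps" ] || continue
        # Matches libc-2.19.so and libc.so.6, but not libcap or libcrypt.
        if grep -Eq '/libc(-[0-9.]+)?\.so[^ ]* \(deleted\)$' "$maps" 2>/dev/null; then
            pid="${maps%/maps}"
            echo "${pid##*/}"
        fi
    done
}

# Print "PID<TAB>command name" for each process that needs a restart.
report_stale_libc() {
    root="${1:-/proc}"
    stale_libc_pids "$root" | while read -r pid; do
        name=$(cat "$root/$pid/comm" 2>/dev/null || echo '?')
        printf '%s\t%s\n' "$pid" "$name"
    done
}

# Run the scan only when asked to, e.g.: sudo sh check-libc.sh --scan
if [ "${1:-}" = "--scan" ]; then
    report_stale_libc /proc
fi
```

An empty result after the update means no running process is still using the old library; any PID listed needs a restart (or the host a reboot) before the fix takes effect for it.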

 

For more information about this vulnerability, check out the following references:

* https://access.redhat.com/security/cve/CVE-2015-0235

* http://www.ubuntu.com/usn/usn-2485-1/
