Wednesday, February 4, 2015

GHOST: glibc vulnerability (CVE-2015-0235): Release Date: 2015-01-27

A very serious security problem called GHOST has been found in the GNU C Library (glibc). How can I fix the GHOST vulnerability and protect my Linux server against attack? How do I verify that my server has been patched against the glibc GHOST vulnerability? And what is this all about?

A heap-based buffer overflow was found in glibc's __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application.
See the MITRE CVE dictionary and NIST NVD for more information about CVE-2015-0235.

Link to download patch for Oracle Linux:
http://linux.oracle.com/cve/CVE-2015-0235.html
Link to download patch for RHEL:
https://access.redhat.com/articles/1332213

An easy way to fix the GHOST vulnerability on CentOS/RHEL/Fedora/Scientific Linux:
sudo yum clean all
sudo yum update

An easy way to fix the GHOST vulnerability on Ubuntu/Debian Linux:
sudo apt-get clean
sudo apt-get update
sudo apt-get upgrade

An easy way to fix the GHOST vulnerability on SUSE Linux Enterprise (pick the patch for your product):
SUSE Linux Enterprise Software Development Kit 11 SP3

zypper in -t patch sdksp3-glibc-10206

SUSE Linux Enterprise Server 11 SP3 for VMware

zypper in -t patch slessp3-glibc-10206

SUSE Linux Enterprise Server 11 SP3

zypper in -t patch slessp3-glibc-10206

SUSE Linux Enterprise Server 11 SP2 LTSS

zypper in -t patch slessp2-glibc-10204

SUSE Linux Enterprise Server 11 SP1 LTSS

zypper in -t patch slessp1-glibc-10202

SUSE Linux Enterprise Desktop 11 SP3

zypper in -t patch sledsp3-glibc-10206

Finally, run the following on every SUSE Linux version to bring the system up to date:

zypper patch

Fix the GHOST vulnerability on openSUSE Linux:
zypper lu
zypper up

Note: a reboot is required after the update on all Linux distributions, because running processes keep the old glibc mapped until they are restarted.
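The post asks how to verify that a server has actually been fixed but does not show a check. As an added example (not from the original post), the following POSIX shell script performs two offline-testable checks: whether the installed glibc package's changelog records CVE-2015-0235, and which running processes still map the pre-update, now-deleted libc and therefore still need a restart or reboot. The sample changelog and `lsof` lines are constructed, and the `lsof` column layout (FD in column 4, path in the last column) is an assumption about the host's lsof build.

```shell
#!/bin/sh
# Added example, not part of the original post: post-update checks for the
# glibc GHOST fix (CVE-2015-0235). Assumes rpm/dpkg provide the package
# changelog and lsof is installed; all sample data below is constructed.

# Check 1: does the installed glibc package's changelog reference the CVE?
# Reads changelog text from stdin; returns 0 when the fix is recorded.
#   RHEL/CentOS/Oracle/SUSE: rpm -q --changelog glibc | changelog_mentions_ghost
#   Debian/Ubuntu: zcat /usr/share/doc/libc6/changelog.Debian.gz | changelog_mentions_ghost
changelog_mentions_ghost() {
    grep -q -e 'CVE-2015-0235' -e 'GHOST'
}

# Check 2: which processes still have the pre-update libc mapped?
# The package update replaces the file on disk, but a running process keeps
# the old (deleted) copy mapped until it is restarted; lsof marks such
# mappings with DEL in the FD column. Reads `lsof -n` output from stdin and
# prints the distinct command names that still need a restart or reboot.
procs_with_stale_libc() {
    awk '$4 == "DEL" && $NF ~ /\/libc(-[0-9.]+)?\.so/ { print $1 }' | sort -u
}

# --- constructed sample data so the script runs without a real host ---
SAMPLE_CHANGELOG_FIXED='* Tue Jan 27 2015 Maintainer <m@example.invalid> - 2.x-y
- Fix parsing of numeric hosts in gethostbyname_r (CVE-2015-0235, GHOST)'
SAMPLE_CHANGELOG_OLD='* Mon Dec 01 2014 Maintainer <m@example.invalid> - 2.x-z
- Unrelated locale fix'
SAMPLE_LSOF='COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF   NODE NAME
sshd     1203 root   DEL   REG  253,0          131234 /lib64/libc-2.12.so
sshd     1203 root   mem   REG  253,0   157072 131301 /lib64/libpthread-2.12.so
httpd    2210 apache DEL   REG  253,0          131234 /lib64/libc-2.12.so
httpd    2211 apache DEL   REG  253,0          131234 /lib64/libc-2.12.so
bash     3301 root   mem   REG  253,0  1926800 131399 /lib64/libc-2.12.so'

# Demo run on the constructed data; on a live host replace the printf
# pipelines with the rpm/dpkg and `lsof -n` commands named above.
if printf '%s\n' "$SAMPLE_CHANGELOG_FIXED" | changelog_mentions_ghost; then
    echo "changelog: fix for CVE-2015-0235 is recorded"
else
    echo "changelog: no GHOST fix found, update glibc"
fi
echo "processes still using the old libc (restart or reboot):"
printf '%s\n' "$SAMPLE_LSOF" | procs_with_stale_libc
```

Running it against the constructed data reports the fix as recorded and lists httpd and sshd as still mapping the old libc; bash shows an ordinary live mapping and is not listed.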
