

GHOST: glibc vulnerability (CVE-2015-0235)



#1 Guest_Kayalvizhi Subramaniam_*


Posted 28 January 2015 - 04:17 PM

Our Security team has been made aware of a vulnerability that was announced today, CVE-2015-0235, also known as GHOST. Please refer to http://en.wikipedia....i/GNU_C_Library for a description of what glibc is. This vulnerability has theoretical potential to impact our platform, but at this time there are no known exploits "in the wild".

For more details, please refer to the following articles:

CentOS - https://access.redha...rticles/1332213
Ubuntu - http://www.ubuntu.com/usn/usn-2485-1/

Even though it is not exploited, this is a serious vulnerability and it is highly recommended to patch the servers. You can find out whether your server is vulnerable or not by running the following commands:

------------
# wget https://webshare.uch...wnloads/GHOST.c
# gcc GHOST.c -o GHOST
# ./GHOST
------------

If the output of this command is "not vulnerable", then you don't have to do anything; the server is secure. But if the result is "vulnerable", then you need to patch the server using the following steps:

Step 1: You need to update the glibc package on the server.

For a CentOS server, you can do this by running the command: yum -y upgrade glibc
For an Ubuntu server, you can do this by running the command: apt-get install --only-upgrade libc6 -y

Step 2: Restart all the services hosted on the server or reboot the server.

Once the server is rebooted or concerned services are restarted, you can once again verify if the server is vulnerable.

Please contact our support team if you need any further help.
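
Added example, not part of the original post: after the upgrade in Step 1, processes started earlier keep the old glibc mapped in memory, which is why Step 2 asks for a restart. This sh snippet lists such processes by scanning /proc/<pid>/maps for a libc mapping marked "(deleted)"; the function names and the optional proc_root argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example: find processes that still map a glibc file which has been
# replaced on disk (the kernel shows such mappings with a "(deleted)" suffix).
# proc_root defaults to /proc; the argument exists so the scan can be tested.

stale_libc_pids() {
    proc_root="${1:-/proc}"
    for maps in "$proc_root"/[0-9]*/maps; do
        # Skip unreadable entries (other users' processes when not root).
        [ -r "$maps" ] || continue
        # Matches e.g. ".../libc-2.12.so (deleted)" and ".../libc.so.6 (deleted)",
        # including package-manager temp suffixes, but not libcrypto, libcap, etc.
        if grep -Eq '/libc(-[0-9.]+\.so|\.so\.[0-9]+)[^/]*\(deleted\)$' \
                "$maps" 2>/dev/null; then
            pid="${maps%/maps}"
            echo "${pid##*/}"
        fi
    done | sort -n
}

# Prints "PID NAME" for every process that needs a restart.
# Returns 0 when none are found, 1 otherwise.
stale_libc_report() {
    proc_root="${1:-/proc}"
    pids=$(stale_libc_pids "$proc_root")
    if [ -z "$pids" ]; then
        echo "no process maps a deleted libc"
        return 0
    fi
    for pid in $pids; do
        name=$(sed -n 's/^Name:[[:space:]]*//p' \
            "$proc_root/$pid/status" 2>/dev/null) || name=""
        [ -n "$name" ] || name="?"
        echo "$pid $name"
    done
    return 1
}
```

Run stale_libc_report as root after Step 1; any process it lists should be restarted (or the server rebooted) before re-running the vulnerability check.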





