    GHOST: glibc gethostbyname buffer overflow

    News
    linux security
    • Ambarishrh
      Ambarishrh last edited by

      A major security vulnerability was released for glibc today

      http://www.openwall.com/lists/oss-security/2015/01/27/9

      1 Reply Last reply Reply Quote 1
      • scottalanmiller
        scottalanmiller last edited by

        Oh man, glibc is pretty ubiquitous.

        1 Reply Last reply Reply Quote 0
        • scottalanmiller
          scottalanmiller last edited by

          I suspect that this will be patched in no time, though. A lot of eyes on glibc.

          1 Reply Last reply Reply Quote 0
          • Ambarishrh
            Ambarishrh last edited by

            Red Hat seems like they have it patched for only 5! Still checking on possible patches but more worried about breaking something! 😞

            scottalanmiller 1 Reply Last reply Reply Quote 0
            • scottalanmiller
              scottalanmiller @Ambarishrh last edited by

              @ambarishrh said:

              Red Hat seems like they have it patched for only 5! Still checking on possible patches but more worried about breaking something! 😞

              They are likely going version by version.

              1 Reply Last reply Reply Quote 0
              • Ambarishrh
                Ambarishrh last edited by

                Hope to get for version 6 as well. Meantime I got Lynis enterprise for our servers! 🙂 Currently working on installing it on all servers and doing a complete audit, just to make sure nothing slipped off.

                1 Reply Last reply Reply Quote 0
                • Ambarishrh
                  Ambarishrh last edited by

                  cPanel has posted the following article regarding this vulnerability.

                  http://documentation.cpanel.net/display/CKB/CVE-2015-0235+GHOST

                  You can check if your server is affected by running the following command. If this was patched it should show a line in the output which indicates it was patched.

                  rpm -q --changelog glibc | grep CVE-2015-0235

                  The fix mentioned is to do a yum upgrade, which updates glibc, but it doesn't seem like CentOS has this yet.

                  1 Reply Last reply Reply Quote 0
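
An added example, not part of the posts in this thread: a shell sketch that wraps the changelog check quoted above and also lists processes that still have the old libc mapped after the package update, since a running service keeps using the library it loaded until it is restarted. The function names and the `--run` switch are hypothetical; the second check assumes the Linux `/proc/<pid>/maps` format, where a replaced library file is shown with a trailing `(deleted)`.

```shell
#!/bin/sh
# Added example: post-update checks for the glibc GHOST fix.
CVE_ID="CVE-2015-0235"

# Reads `rpm -q --changelog glibc` output on stdin.
# Returns 0 if any changelog line mentions the CVE, 1 otherwise.
changelog_has_fix() {
    grep -q -- "$CVE_ID"
}

# Prints the PIDs whose memory map still references a deleted libc,
# i.e. processes started before the update that were not restarted.
# $1 is the proc root (default /proc), a parameter so the function
# can be exercised against a constructed directory tree.
stale_libc_pids() {
    slp_root="${1:-/proc}"
    for slp_maps in "$slp_root"/[0-9]*/maps; do
        [ -r "$slp_maps" ] || continue
        # Match libc-2.12.so or libc.so.6 only, not libcrypto and friends.
        if grep -Eq '/libc(-[0-9.]+\.so|\.so\.[0-9]+)[^/ ]* \(deleted\)$' \
            "$slp_maps" 2>/dev/null; then
            slp_pid="${slp_maps%/maps}"
            echo "${slp_pid##*/}"
        fi
    done
}

# Runs both checks against the live system (RPM-based distributions).
ghost_report() {
    if rpm -q --changelog glibc | changelog_has_fix; then
        echo "glibc package: changelog lists $CVE_ID"
    else
        echo "glibc package: no $CVE_ID entry, update still pending"
    fi
    gr_pids="$(stale_libc_pids /proc)"
    if [ -n "$gr_pids" ]; then
        echo "old libc still mapped, restart these PIDs (or reboot):"
        echo "$gr_pids"
    else
        echo "no process maps a deleted libc"
    fi
}

# Only touch the system when asked to, e.g.: sh ghost-check.sh --run
if [ "${1:-}" = "--run" ]; then
    ghost_report
fi
```

Run it as root so that the maps files of all processes are readable; unreadable ones are skipped silently.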
                  • Ambarishrh
                    Ambarishrh last edited by

                    Looks like the scope of affected apps may be smaller than originally anticipated:

                    http://seclists.org/oss-sec/2015/q1/283

                    1 Reply Last reply Reply Quote 1
                    • scottalanmiller
                      scottalanmiller last edited by

                      Good deal.

                      1 Reply Last reply Reply Quote 0
                      • Reid Cooper
                        Reid Cooper last edited by

                        PHP and WordPress found to be vulnerable.

                        http://threatpost.com/php-applications-wordpress-subject-to-ghost-glibc-vulnerability/110755

                        scottalanmiller 1 Reply Last reply Reply Quote 1
                        • scottalanmiller
                          scottalanmiller @Reid Cooper last edited by

                          @Reid-Cooper wonderful

                          1 Reply Last reply Reply Quote 0