Fix and protect your server from the glibc GHOST vulnerability (CVE-2015-0235):


A serious security problem, called GHOST, was recently found in the GNU C Library (glibc). It was announced on 27th January 2015. You need to check your server against this vulnerability and make sure you are protected.

This vulnerability affects the following distributions:

RHEL (Red Hat Enterprise Linux) version 5.x, 6.x and 7.x
CentOS Linux version 5.x, 6.x & 7.x
Ubuntu Linux version 10.04, 12.04 LTS
Debian Linux version 7.x
Linux Mint version 13.0
Fedora Linux version 19 or older
SUSE Linux Enterprise 11 and older (also openSUSE Linux 11 or older versions).
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP2 LTSS
SUSE Linux Enterprise Server 11 SP1 LTSS
SUSE Linux Enterprise Server 10 SP4 LTSS
SUSE Linux Enterprise Desktop 11 SP3
Arch Linux glibc version <= 2.18-1

How to check for the GHOST vulnerability on your server?

You can check with the following C code. Save it to a file named ghosttest.c, then compile and run it:

/* ghosttest.c:  GHOST vulnerability tester */
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
 
#define CANARY "in_the_coal_mine"
 
struct {
  char buffer[1024];
  char canary[sizeof(CANARY)];
} temp = { "buffer", CANARY };
 
int main(void) {
  struct hostent resbuf;
  struct hostent *result;
  int herrno;
  int retval;
 
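  /* Build a host name sized so that a vulnerable glibc miscalculates the space it needs:
     strlen (name) = size_needed - sizeof (*host_addr) - sizeof (*h_addr_ptrs) - 1; */
  size_t len = sizeof(temp.buffer) - 16*sizeof(unsigned char) - 2*sizeof(char *) - 1;
  char name[sizeof(temp.buffer)];
  memset(name, '0', len);
  name[len] = '\0';

  /* temp.canary sits directly after temp.buffer, so an overflow overwrites it */
  retval = gethostbyname_r(name, &resbuf, temp.buffer, sizeof(temp.buffer), &result, &herrno);

  /* Canary changed: gethostbyname_r wrote past the end of the buffer */
  if (strcmp(temp.canary, CANARY) != 0) {
    puts("vulnerable");
    exit(EXIT_SUCCESS);
  }
  /* A patched glibc reports that the supplied buffer is too small */
  if (retval == ERANGE) {
    puts("not vulnerable");
    exit(EXIT_SUCCESS);
  }
  puts("should not happen");
  exit(EXIT_FAILURE);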
}

To run the C code, first compile it using the command,

gcc ghosttest.c -o ghosttest

Then run the code using the command,

./ghosttest

It will print either "vulnerable" or "not vulnerable".

How to fix the GHOST vulnerability on CentOS/RHEL/Fedora/Scientific Linux:

Enter the following commands on the command line as root user,

sudo yum clean all
sudo yum update

After that, reboot the server using the command,

sudo reboot

This will fix the vulnerability.

How to fix the GHOST vulnerability on Ubuntu Linux:

Enter the following commands as root user,

sudo apt-get clean
sudo apt-get update
sudo apt-get upgrade

Now reboot the server using the command,

sudo reboot

This will fix the issue.
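The reboot matters because a process started before the update keeps the old glibc file mapped in memory until it is restarted. The script below is an added example, not part of the original article: it lists processes whose libc mapping in /proc/PID/maps is marked "(deleted)", assuming the Linux /proc layout and libc file names of the form libc-<version>.so or libc.so.<n>. The function names and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): list processes that still map
# a libc file the package update removed, i.e. that still run the old glibc code.
# Assumption: Linux /proc layout and libc named libc-<ver>.so or libc.so.<n>.

# stale_libc_in_maps FILE: succeeds if FILE (/proc/PID/maps format) contains
# a libc mapping whose backing file is marked "(deleted)".
stale_libc_in_maps() {
    grep -Eq '/libc(-[0-9.]+)?\.so(\.[0-9]+)? \(deleted\)$' "$1" 2>/dev/null
}

# scan_stale_libc [PROC_ROOT]: prints "PID NAME" for every affected process.
scan_stale_libc() {
    root=${1:-/proc}
    for maps in "$root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        stale_libc_in_maps "$maps" || continue
        dir=${maps%/maps}
        name=$(cat "$dir/comm" 2>/dev/null) || name='?'
        printf '%s %s\n' "${dir##*/}" "$name"
    done
    return 0
}

# make_sample_proc DIR: constructed sample data, two fake processes.
# PID 101 was started before the update, PID 202 after it.
make_sample_proc() {
    mkdir -p "$1/101" "$1/202"
    echo sshd > "$1/101/comm"
    echo crond > "$1/202/comm"
    cat > "$1/101/maps" <<'EOF'
7f3a1c000000-7f3a1c1bb000 r-xp 00000000 08:01 1311   /lib64/libc-2.12.so (deleted)
7f3a1c400000-7f3a1c420000 r-xp 00000000 08:01 1312   /lib64/ld-2.12.so (deleted)
EOF
    cat > "$1/202/maps" <<'EOF'
7f9b4e000000-7f9b4e1bb000 r-xp 00000000 08:01 2977   /lib64/libc-2.12.so
7f9b4e400000-7f9b4e5c0000 r-xp 00000000 08:01 2980   /usr/lib64/libcrypto.so.10 (deleted)
EOF
}

# On a live server, run as root after the update:
#   scan_stale_libc /proc
```

Empty output from `scan_stale_libc /proc` means no running process still maps the replaced library; any PID it prints belongs to a process that has not been restarted since the update.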

If you need our help fixing the GHOST vulnerability, please feel free to contact us: simply email support@iserversupport.com