Fix and protect server from Glibc GHOST Vulnerability # CVE-2015-0235

Stop worrying about your server.

cPanel/Plesk Server Management for just $59/mo with Unlimited tickets, Unlimited admin hours, Security audits, 24×7 monitoring and lot more 

cPanel Server Management  $59/mo Click here

Plesk Server Management $59/mo Click here

Fix and protect server from Glibc GHOST Vulnerability # CVE-2015-0235:

Recently there was a serious security problem has been found in GNU C Library (Glibc) called GHOST. It was announced on 27th January 2015. You need to check your server against this Vulnerability and make sure you are protected.

This Vulnerability is affected on the following distributions,

RHEL (Red Hat Enterprise Linux) version 5.x, 6.x and 7.x
CentOS Linux version 5.x, 6.x & 7.x
Ubuntu Linux version 10.04, 12.04 LTS
Debian Linux version 7.x
Linux Mint version 13.0
Fedora Linux version 19 or older
SUSE Linux Enterprise 11 and older (also OpenSuse Linux 11 or older versions).
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP2 LTSS
SUSE Linux Enterprise Server 11 SP1 LTSS
SUSE Linux Enterprise Server 10 SP4 LTSS
SUSE Linux Enterprise Desktop 11 SP3
Arch Linux glibc version <= 2.18-1

How to check GHOST vulnerability on your server ?

This can be checked using the following C code, for that save the below C code on a file and run the C code,

/* ghosttest.c:  GHOST vulnerability tester */
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
 
#define CANARY "in_the_coal_mine"
 
struct {
  char buffer[1024];
  char canary[sizeof(CANARY)];
} temp = { "buffer", CANARY };
 
int main(void) {
  struct hostent resbuf;
  struct hostent *result;
  int herrno;
  int retval;
 
  /*** strlen (name) = size_needed - sizeof (*host_addr) - sizeof (*h_addr_ptrs) - 1; ***/
  size_t len = sizeof(temp.buffer) - 16*sizeof(unsigned char) - 2*sizeof(char *) - 1;
  char name[sizeof(temp.buffer)];
  memset(name, '0', len);
  name[len] = '';
 
  retval = gethostbyname_r(name, &resbuf, temp.buffer, sizeof(temp.buffer), &result, &herrno);
 
  if (strcmp(temp.canary, CANARY) != 0) {
    puts("vulnerable");
    exit(EXIT_SUCCESS);
  }
  if (retval == ERANGE) {
    puts("not vulnerable");
    exit(EXIT_SUCCESS);
  }
  puts("should not happen");
  exit(EXIT_FAILURE);
}

For running the C code first you need to compile the code using command,

gcc ghosttest.c -o ghosttest

Then run the code using the command,

./ghosttest

It will show the result as ” vulnerable ” and “not vulnerable”

How to fix the GHOST vulnerability on a CentOS/RHEL/Fedora/Scientific Linux:

Enter the following commands on the command line as root user,

sudo yum clean all
sudo yum update

after that reboot the server using the command,

sudo reboot

This will fix the vulnerability.

How to fix the GHOST vulnerability on a Ubuntu Linux:

Enter the following commands as root user,

sudo apt-get clean
sudo apt-get update
sudo apt-get upgrade

now reboot the server using command,

sudo reboot

this will fix the issue.

If you need our help to fix the issue with GHOST vulnerability. Please feel free to contact us, simply email to [email protected]

Monthly server support with Unlimited tickets, 24×7 monitoring, Security Audit and lot more for just $59 

Server Management at just $59

Leave a Reply

Your email address will not be published. Required fields are marked *