A new bug affecting all Linux distributions was announced recently. It is in the glibc package, which provides the standard C libraries (libc), the standard math libraries (libm), the POSIX thread libraries and the Name Server Caching Daemon (nscd).
This vulnerability is a heap buffer overflow in the __nss_hostname_digits_dots() function of libc, which is called by gethostbyname() and gethostbyname2(). It lets an attacker run their own code on the server! Qualys found this bug and named it "GHOST".
Vulnerable Red Hat releases:
Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux Desktop (v. 7)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux HPC Node (v. 7)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server (v. 7)
Red Hat Enterprise Linux Server EUS (v. 6.6.z)
Red Hat Enterprise Linux Workstation (v. 6)
Red Hat Enterprise Linux Workstation (v. 7)
Vulnerable CentOS releases:
CentOS 4.x
CentOS 5.x
CentOS 6.x
CentOS 7.x
Vulnerable Ubuntu releases:
Ubuntu 12.04 LTS
Ubuntu 10.04 LTS
Almost all CloudLinux, Debian and Openwall releases are vulnerable as well!
This program can check your OS for the bug:
wget https://webshare.uchicago.edu/orgs/ITServices/itsec/Downloads/GHOST.c
gcc -o ghost GHOST.c
./ghost
To fix the bug on CentOS, Red Hat and CloudLinux, run this:
yum -y update glibc
On Ubuntu and Debian, run:
apt-get update && apt-get install --only-upgrade libc6
Then reboot the OS.
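Added example (not part of the original post and not Qualys code): the reboot matters because every process started before the update keeps the old libc file mapped even though the package on disk is fixed. The function below lists such processes by looking for a libc mapping marked "(deleted)" in each /proc/PID/maps; the function name, the optional proc-root argument and the libc file-name pattern are assumptions of this example.

```shell
#!/bin/sh
# Added example: find processes still running on the pre-update libc.
# After the glibc package is replaced, the old library file is unlinked,
# and the kernel shows its mapping with a trailing "(deleted)".

# stale_libc_pids [PROC_ROOT]
# Prints "PID NAME" for each process whose maps file contains a deleted
# libc mapping. PROC_ROOT defaults to /proc (hypothetical parameter, so
# the function can also be pointed at a copied or constructed tree).
stale_libc_pids() {
    proc_root=${1:-/proc}
    for maps in "$proc_root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue   # process exited, or glob matched nothing
        # Matches paths such as ".../libc-X.Y.so (deleted)" or
        # ".../libc.so.6 (deleted)" but not libcrypto, libcap, etc.
        if grep -Eq '/libc[-.][^/]* \(deleted\)$' "$maps" 2>/dev/null; then
            dir=${maps%/maps}
            pid=${dir##*/}
            name=$(cat "$dir/comm" 2>/dev/null) || name='?'
            printf '%s %s\n' "$pid" "${name:-?}"
        fi
    done
}

# Usage on a live system, as root so every maps file is readable:
#   stale_libc_pids | sort -n
```

An empty result after the update means no running process is left on the old library; any PID listed has to be restarted (or the machine rebooted) before the fix applies to it.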