Aminserve: Your reliable partner for RDP VPS Dedicated Server VPN since 2010

No restriction, Crypto accepted from anyone, anywhere!

A serious bug in all Linux OS

Table of Contents

A new bug is announced in all Linux OS recently.It is about a package, glibc. This package is responsible for C libc libraries, (libm) ,POSTIX Thread, Name Server Caching Deamon (nscd) standard libraries.
This vulnerability is from Heap Buffer OverFlow kind for nss_hostname_digits_dots() function in libc which are called by gethostbyname() and ethostbyname2() that make hacker able to run their codes in the server! Qualys company found this bug and named it as “ghost”.

Vulnerable RED HATS:
Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux Desktop (v. 7)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux HPC Node (v. 7)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server (v. 7)
Red Hat Enterprise Linux Server EUS (v. 6.6.z)
Red Hat Enterprise Linux Workstation (v. 6)
Red Hat Enterprise Linux Workstation (v. 7)

Vulnerable CentOs:
centos 4.x
centos 5.x
centos 6.x
centos 7.x

Vulnerable Ubuntu:
Ubuntu 12.04 LTS
Ubuntu 10.04 LTS

And almost all cloudlinux, debin and OpenWall are vulnerable!

This scripts can check your OS for this bug:

wget https://webshare.uchicago.edu/orgs/ITServices/itsec/Downloads/GHOST.c
gcc -o ghost GHOST.c
./ghost

To fix the bug in CentOS, RED HAT and CloudLinux, run this:

yum -y update glibc

In Ubuntu and Debian run:

yum -y update glibc

Then reboot the OS.

Can’t decide which plan is right for you? We will guide you step by step.

logo

Quality hosting since 2010