Ghost Linux

A serious bug in all Linux OS

A new bug was recently announced that affects all Linux OS. It is in the glibc package, which provides the standard C library (libc), the math library (libm), POSIX threads, and the Name Server Caching Daemon (nscd).
The vulnerability is a heap buffer overflow in the __nss_hostname_digits_dots() function in libc, which is called by gethostbyname() and gethostbyname2(). It allows an attacker to run their own code on the server. Qualys found this bug and named it “ghost”.

Vulnerable Red Hat:
Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux Desktop (v. 7)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux HPC Node (v. 7)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server (v. 7)
Red Hat Enterprise Linux Server EUS (v. 6.6.z)
Red Hat Enterprise Linux Workstation (v. 6)
Red Hat Enterprise Linux Workstation (v. 7)

Vulnerable CentOS:
CentOS 4.x
CentOS 5.x
CentOS 6.x
CentOS 7.x

Vulnerable Ubuntu:
Ubuntu 12.04 LTS
Ubuntu 10.04 LTS

Almost all CloudLinux, Debian and Openwall releases are vulnerable as well!

This program checks your OS for the bug:

wget https://webshare.uchicago.edu/orgs/ITServices/itsec/Downloads/GHOST.c
gcc -o ghost GHOST.c
./ghost

To fix the bug on CentOS, Red Hat and CloudLinux, run:

yum -y update glibc

On Ubuntu and Debian, run:

apt-get update && apt-get install --only-upgrade libc6

Then reboot the OS.
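The reboot matters because processes started before the update keep the old libc mapped in memory until they restart. The script below is an added example, not part of the original post: it lists the PIDs that still map a replaced libc. The function names and the sample /proc tree are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): after the glibc update, list
# PIDs that still have the old, now-unlinked libc mapped. Those processes
# keep running the unpatched code until they are restarted.

# stale_libc_pids [PROC_ROOT]  -- PROC_ROOT defaults to the live /proc.
stale_libc_pids() {
    proc_root="${1:-/proc}"
    for maps in "$proc_root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        # The kernel appends " (deleted)" to mappings whose file was replaced.
        # Match libc-<version>.so or libc.so.<n>, but not libcrypto etc.
        if grep -Eq '/libc(-[0-9][^ /]*|\.so[^ /]*) \(deleted\)$' "$maps" 2>/dev/null; then
            pid_dir="${maps%/maps}"
            echo "${pid_dir##*/}"
        fi
    done
}

# Constructed sample /proc tree so the check can be exercised offline.
make_sample_proc() {
    root="$(mktemp -d)"
    mkdir "$root/101" "$root/202" "$root/303" "$root/404"
    # 101: started before the update, old libc still mapped
    echo '7f10a0000000-7f10a01b6000 r-xp 00000000 fd:01 1311 /lib64/libc-2.17.so (deleted)' > "$root/101/maps"
    # 202: started after the update, maps the file currently on disk
    echo '7f20a0000000-7f20a01c4000 r-xp 00000000 fd:01 1377 /lib64/libc-2.17.so' > "$root/202/maps"
    # 303: a different deleted library must not be reported
    echo '7f30a0000000-7f30a0200000 r-xp 00000000 fd:01 1402 /lib64/libcrypto.so.10 (deleted)' > "$root/303/maps"
    # 404: Debian/Ubuntu-style library path
    echo '7f40a0000000-7f40a01b5000 r-xp 00000000 08:01 2210 /lib/x86_64-linux-gnu/libc-2.15.so (deleted)' > "$root/404/maps"
    echo "$root"
}

sample="$(make_sample_proc)"
echo "stale libc in constructed sample: $(stale_libc_pids "$sample" | tr '\n' ' ')"
rm -rf "$sample"
# On a real host, run as root so every process is readable: stale_libc_pids /proc
```

If the machine cannot be rebooted immediately, any PID this reports on the live /proc belongs to a service that has to be restarted to pick up the fixed library.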
