GHOST bug/exploit in Linux - Critical


Dave
01-28-2015, 09:09 AM
http://arstechnica.com/security/2015/01/highly-critical-ghost-allowing-code-execution-affects-most-linux-systems/
http://www.zdnet.com/article/critical-linux-security-hole-found/

Basically, this bug makes it possible to remotely gain access to a Linux server by exploiting this bug, although a service needs to be running on the server which uses the function that contains the bug; you never know what service/software uses this.
You can test if you're vulnerable with this: http://security.stackexchange.com/a/80213

Be sure to patch your VPS/dedicated server. How to patch. (http://www.cyberciti.biz/faq/cve-2015-0235-patch-ghost-on-debian-ubuntu-fedora-centos-rhel-linux/)
In case you use shared hosting, inform your host and ask them if they patched it or if they can patch it asap.

Marv
01-30-2015, 04:35 PM
This info should be somehow more prominent..

Lynne
01-30-2015, 06:54 PM
I had actually asked my host about this the other day and had patched my site. But, they didn't tell me to do a reboot. I just now ran the test and it said I wasn't vulnerable. Then I checked to see if there were any dynamically linked programs still using the old version of glibc and I got a list of about 15 items. So, I rebooted and now I don't get any programs listed.

Anyway, thank you for posting that!
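
One way to run the check described in the post above (programs still using the old glibc until they are restarted) is to look for libc mappings marked "(deleted)" in /proc/<pid>/maps. This is an added example, not part of the original thread; the function names and the sample /proc tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: find processes still mapping a replaced (deleted) libc.
# When a package update replaces libc on disk, already-running processes keep
# the old file mapped; /proc/<pid>/maps shows that path with " (deleted)".

# maps_has_stale_libc FILE: succeeds if FILE (maps format) has such a mapping.
maps_has_stale_libc() {
    grep -Eq '/libc(-[0-9.]+)?\.so[^/ ]* \(deleted\)$' "$1" 2>/dev/null
}

# stale_libc_pids [PROC_ROOT]: prints "PID NAME" per affected process.
# PROC_ROOT (default /proc) is a parameter so a constructed tree can be used.
stale_libc_pids() {
    for dir in "${1:-/proc}"/[0-9]*; do
        [ -r "$dir/maps" ] || continue
        if maps_has_stale_libc "$dir/maps"; then
            printf '%s %s\n' "${dir##*/}" "$(cat "$dir/comm" 2>/dev/null || echo '?')"
        fi
    done
}

# make_sample_proc DIR: builds a constructed /proc-like tree (sample data).
make_sample_proc() {
    mkdir -p "$1/101" "$1/202"
    echo httpd > "$1/101/comm"
    echo sshd > "$1/202/comm"
    # PID 101 started before the update: its libc file has been replaced.
    cat > "$1/101/maps" <<'EOF'
7f3a1c000000-7f3a1c1b6000 r-xp 00000000 fd:01 1311 /usr/lib64/libc-2.17.so (deleted)
7f3a1c5c0000-7f3a1c5e1000 r-xp 00000000 fd:01 1300 /usr/lib64/ld-2.17.so
EOF
    # PID 202 restarted after the update: it maps the file currently on disk.
    cat > "$1/202/maps" <<'EOF'
7f9b2e000000-7f9b2e1b8000 r-xp 00000000 fd:01 2290 /usr/lib64/libc-2.17.so
EOF
}

# Demo on the constructed tree; call stale_libc_pids with no argument (as
# root, to read every process) to scan the live system instead.
demo_root="$(mktemp -d)"
make_sample_proc "$demo_root"
stale_libc_pids "$demo_root"    # prints: 101 httpd
rm -rf "$demo_root"
```

An empty result on the live system means no running process is still holding the replaced library; any PID listed needs a service restart or a reboot to pick up the patched glibc.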

Marv
01-30-2015, 08:22 PM
Thanks for the heads up, Lynne. Hadn't rebooted until I read your post :D

AusPhotography
01-30-2015, 10:29 PM
Not vulnerable here :)

Paul M
01-31-2015, 01:14 AM
Oh what fun ...... all my servers now patched.

CarpCharacin
02-02-2015, 03:27 AM
I contacted my web host and they said that their hardware was the best and that if you have good hardware your OS is secure. What lies...

ozzy47
02-02-2015, 09:36 AM
Time to get a new host. :)

ForceHSS
02-02-2015, 10:57 AM
Can someone explain how one runs this? A step-by-step would be helpful.

ozzy47
02-02-2015, 11:01 AM
Did you read this? How to patch. (http://www.cyberciti.biz/faq/cve-2015-0235-patch-ghost-on-debian-ubuntu-fedora-centos-rhel-linux/)

Me personally, I had my host do it, I pay them enough money. :)

ForceHSS
02-02-2015, 11:18 AM
Will need host to do it, as I am not sure if I have access to that and not sure how to check.

Paul M
02-02-2015, 11:21 AM
Quote (ForceHSS): Can someone explain how one runs this? A step-by-step would be helpful.

yum update
reboot


Job done, on my servers anyway.

Simon Lloyd
02-02-2015, 03:00 PM
Quote (ForceHSS): Will need host to do it, as I am not sure if I have access to that and not sure how to check.

You'll need SSH access to your server to do it (Paul's instructions) or ask your host.

ForceHSS
02-02-2015, 03:37 PM
Worked it out, all done.