Wednesday, January 28, 2015

CVE-2015-0235: Linux and glibc "Ghost" Vulnerability

Wondering about the Linux Ghost vulnerability?

Here's what I received from the US CERT:
The Linux GNU C Library (glibc) versions prior to 2.18 are vulnerable to remote code execution via a vulnerability in the gethostbyname function. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Linux distributions employing glibc-2.18 and later are not affected.
US-CERT recommends users and administrators refer to their respective Linux or Unix-based OS vendor(s) for an appropriate patch if affected. Patches are available from Ubuntu and Red Hat. The GNU C Library versions 2.18 and laterare also available for experienced users and administrators to implement.
How to determine if your distribution is affect:  run "ldd --version".  If versions prior to v2.18 show in the results, you're vulnerable.

I used this link to check my Ubuntu servers.  Although, that resource doesn't cater to Slackware, the checks can still be applied.  I'm not using Slackware as a flavor at the moment, but I'm sure Pat V. is working on a patched version of glibc.  In fact, it would be wise to check your distribution's website for further news about this vulnerability and how to patch your particular flavor of Linux.
Post a Comment