Wednesday, January 28, 2015

CVE-2015-0235: Linux and glibc "Ghost" Vulnerability

Wondering about the Linux Ghost vulnerability?

Here's what I received from the US CERT:
The Linux GNU C Library (glibc) versions prior to 2.18 are vulnerable to remote code execution via a vulnerability in the gethostbyname function. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Linux distributions employing glibc-2.18 and later are not affected.
US-CERT recommends users and administrators refer to their respective Linux or Unix-based OS vendor(s) for an appropriate patch if affected. Patches are available from Ubuntu and Red Hat. The GNU C Library versions 2.18 and laterare also available for experienced users and administrators to implement.
How to determine if your distribution is affect:  run "ldd --version".  If versions prior to v2.18 show in the results, you're vulnerable.

I used this link to check my Ubuntu servers.  Although, that resource doesn't cater to Slackware, the checks can still be applied.  I'm not using Slackware as a flavor at the moment, but I'm sure Pat V. is working on a patched version of glibc.  In fact, it would be wise to check your distribution's website for further news about this vulnerability and how to patch your particular flavor of Linux.