CloudLinux OS Blog - GLIBC GHOST remote vulnerability - CVE-2015-0235

GLIBC GHOST remote vulnerability - CVE-2015-0235

Hello Everyone,

There is a new remote vulnerability in glibc, tracked as CVE-2015-0235. The bug is in the __nss_hostname_digits_dots() function, which is used by gethostbyname().
It is a buffer overflow vulnerability that allows an attacker to execute arbitrary code.
Updated packages have been released for CL6 & CL5. Please make sure to update.

Updated CL5 GLIBC version:
glibc-2.5-123.el5_11.1

Updated CL6 GLIBC version:
glibc-2.12-1.149.el6_6.5

To update:
$ yum update glibc
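
To confirm the result of the update, the check below compares each installed glibc package (both architectures on a multilib system) against the two fixed builds listed above. It is an added example, not part of the original post or a CloudLinux tool; the function names rpm_vercmp and ghost_status are hypothetical, and the comparison is a simplified form of RPM's version ordering.

```sh
#!/bin/sh
# Added example. The fixed builds below are the ones named in the post.
FIXED_EL5="2.5-123.el5_11.1"
FIXED_EL6="2.12-1.149.el6_6.5"

# rpm_vercmp A B: print -1, 0 or 1. Simplified segment ordering in the style
# of RPM (no epoch, tilde or caret handling), enough for these glibc builds.
rpm_vercmp() {
    awk -v a="$1" -v b="$2" '
    function seg(s, out,    n) {   # split into runs of digits or letters
        n = 0
        while (match(s, /[0-9]+|[A-Za-z]+/)) {
            out[++n] = substr(s, RSTART, RLENGTH)
            s = substr(s, RSTART + RLENGTH)
        }
        return n
    }
    BEGIN {
        na = seg(a, A); nb = seg(b, B)
        for (i = 1; i <= na || i <= nb; i++) {
            if (i > na) { print -1; exit }      # a ran out first: a is older
            if (i > nb) { print 1; exit }
            x = A[i]; y = B[i]
            xn = (x ~ /^[0-9]+$/); yn = (y ~ /^[0-9]+$/)
            if (xn && yn) { if (x + 0 != y + 0) { print ((x + 0 > y + 0) ? 1 : -1); exit } }
            else if (xn != yn) { print (xn ? 1 : -1); exit }   # number beats letters
            else if (x != y) { print ((x > y) ? 1 : -1); exit }
        }
        print 0
    }'
}

# ghost_status VERSION-RELEASE: print fixed, vulnerable or unknown (not el5/el6).
ghost_status() {
    case "$1" in
        *.el5*) fixed=$FIXED_EL5 ;;
        *.el6*) fixed=$FIXED_EL6 ;;
        *) echo unknown; return 0 ;;
    esac
    c=$(rpm_vercmp "${1%%-*}" "${fixed%%-*}")                   # version first
    [ "$c" -eq 0 ] && c=$(rpm_vercmp "${1#*-}" "${fixed#*-}")   # then release
    if [ "$c" -ge 0 ]; then echo fixed; else echo vulnerable; fi
}

# Report every installed glibc package; skipped where rpm is not available.
if command -v rpm >/dev/null 2>&1; then
    rpm -q --qf '%{VERSION}-%{RELEASE} %{ARCH}\n' glibc | while read -r vr arch; do
        echo "glibc-$vr.$arch: $(ghost_status "$vr")"
    done
fi
```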

So far there is a proof of concept that can use this vulnerability against Exim servers. While initial investigation by Qualys reports that, to the best of their knowledge, there is no way to exploit the following services, we still recommend that everyone update:
apache, cups, dovecot, gnupg, isc-dhcp, lighttpd, mariadb/mysql,
nfs-utils, nginx, nodejs, openldap, openssh, postfix, proftpd,
pure-ftpd, rsyslog, samba, sendmail, sysklogd, syslog-ng, tcp_wrappers,
vsftpd, xinetd.

Comments 8

Guest - Tommy K on Tuesday, 27 January 2015 18:30

Is a reboot needed?

Guest - Leith Campbell on Tuesday, 27 January 2015 18:56

How can we confirm the update is installed? One server updated while another said "No Packages marked for Update".
ldd --version does not return enough information.

EDIT: yum list glibc provided the details I needed. However, the successful server returns:


glibc.i686

Guest - Igor Seletskiy on Tuesday, 27 January 2015 19:31

no reboot needed.

Guest - Igor Seletskiy on Tuesday, 27 January 2015 19:31

Try doing

Guest - Leith Campbell on Tuesday, 27 January 2015 19:39

Thank you sir! That did the trick and I'll try to remember that.

Guest - marc on Wednesday, 28 January 2015 15:13

removed

Guest - marc on Wednesday, 28 January 2015 16:31
Guest - Igor Seletskiy on Wednesday, 28 January 2015 18:59

I disagree on the need to reboot. More info is in this blog post.

http://www.cloudlinux.com/blog/clnews/glibc-ghost-do-you-really-have-to-reboot.php
