Ghost vunerability – Ubuntu and CentOS

Ghost vunerability

A new vulnerability, GHOST: glibc vulnerability (CVE-2015-0235), has been discovered that affects certain Linux systems.

This exploit affects the gethostbyname functions in the GNU C Library (glibc), which is a key component of all Linux systems. Because many software programs rely on these functions, Linux machines are vulnerable to this exploit, and a successful attack can gain complete control of the system without prior knowledge of logins or passwords.

To determine whether a server within your account is vulnerable, you should run the following commands from the commandline:

wget http://mirrors.uk.heg.com/ghost/ghost-checker

chmod +x ghost-checker

./ghost-checker

If your system returns with “VULNERABLE”, your system is vulnerable to GHOST.
To protect yourself from this vulnerability, you must patch your server. To do so, please run the appropriate command listed below:

Ubuntu:
sudo apt-get update

apt-get install –only-upgrade glibc*

CentOS:
sudo yum clean all

sudo yum update glibc

Once you have patched your system, you will need to reboot it. It is vitally important to reboot your server after you have run the commands. Until you reboot, your system will continue to use the old files, rather than your new, updated files.

Frimley Computing servers were patched as soon as the vunerability was announced (after some invesigation) as part of our Fully Managed Hosting Service, keeping our Clients websites and applications secure.

Posted in Business Users, Datacenter, Malware, Security, UNIX, Web Hosting, WordPressTagged , , ,