Ghost: glibc vulnerability CVE-2015-0235

How dangerous is it? It is a vulnerability inherent to glibc, the GNU C library used on Linux.

Red Hat is discussing it on their articles page, where it has the CVE number 2015-0235: https://access.redhat.com/articles/1332213

It is nicknamed “Ghost” after the gethostbyname() function calls in the glibc library, specifically:

“GHOST is a ‘buffer overflow’ bug affecting the gethostbyname() and gethostbyname2() function calls in the glibc library. This vulnerability allows a remote attacker that is able to make an application call to either of these functions to execute arbitrary code with the permissions of the user running the application.”

 

So that is why I am invoking Deadmau5's Ghosts n Stuff – a classic electric music song from 2008 YouTube ensemble (35mil hits).

The CVE is rated 6.8, and thus is not on fire like the bash shell code vulnerability. So in the scheme of things it should get patched where patches exist (Red Hat is still working on RHEL4), and many versions already have patches available.

Since this is a rather difficult vulnerability to use (hence the lower rating), I would include this one in the standard upgrade cycle.

 

To test Red Hat products for the glibc vulnerability, go to your Red Hat account at: https://idp.redhat.com/idp/

 

You can also check this page: http://www.cyberciti.biz/faq/cve-2015-0235-patch-ghost-on-debian-ubuntu-fedora-centos-rhel-linux/fix-ghost-vulnerability-centos-rhel-fedora-scientific-linux/

It has some good commands, run as root, to verify the current version, install the new one, and check that the new version is in place after the upgrade.
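One thing the post-upgrade check should also cover: processes started before the upgrade keep the old libc mapped until they are restarted. The script below is an added example, not taken from this post or the linked pages; the function names and the `--report` switch are illustrative assumptions.

```shell
#!/bin/sh
# Added example: names below are illustrative, not from the post.

# Version of the glibc the system resolves to now, e.g. "2.17".
# Distributions backport fixes without changing this number, so also
# compare the package release (rpm -q glibc, or dpkg -s libc6) with
# the vendor advisory.
glibc_version() {
    getconf GNU_LIBC_VERSION 2>/dev/null | awk '{print $2}'
}

# Read /proc/<pid>/maps lines on stdin; succeed if a libc mapping is
# marked "(deleted)", i.e. the file on disk was replaced by an upgrade.
maps_has_stale_libc() {
    grep -Eq '/libc(-[0-9.]+)?\.so[^ /]* \(deleted\)$'
}

# Print "pid command" for every process still running on the old libc.
stale_libc_processes() {
    for maps in /proc/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        pid=${maps#/proc/}
        pid=${pid%/maps}
        if maps_has_stale_libc 2>/dev/null < "$maps"; then
            printf '%s %s\n' "$pid" "$(cat "/proc/$pid/comm" 2>/dev/null)"
        fi
    done
}

# Run as root with --report to see every process on the host.
if [ "${1:-}" = "--report" ]; then
    echo "glibc version: $(glibc_version)"
    stale_libc_processes
fi
```

Any process it lists should be restarted (or the host rebooted) before the upgrade is considered complete.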

 

If you need help with Linux – Contact Us.

Tony 314-504-3974

 

 

 
