

Ghost Vulnerability Affecting Linux

You may have heard about a highly critical vulnerability called Ghost or Ghostbug (CVE-2015-0235) affecting most Linux distributions.

This vulnerability is present in glibc (or eglibc) on nearly every Linux server currently deployed, and affects versions originally released between 2000 and 2013. In other words, the bug is present in nearly every deployed Linux server; current estimates put the affected share at ~90%.

If properly executed, this attack can lead to remote command execution and privilege escalation with relative ease. We strongly recommend that updates and reboots are carried out ASAP.

You can read more about it at the following URLs:

https://access.redhat.com/security/cve/CVE-2015-0235
http://arstechnica.com/security/2015/01/highly-critical-ghost-allowing-code-execution-affects-most-linux-systems/
https://news.ycombinator.com/item?id=8953545
http://ma.ttias.be/critical-glibc-update-cve-2015-0235-gethostbyname-calls/

As usual you’ll need to patch this yourself; here are the instructions on what you need to do.

Checking for the vulnerability

To check whether your Linux server is vulnerable to CVE-2015-0235, download the following source code, review it before compiling (it is a third-party gist), then compile and run it using the commands below:

$ wget https://gist.githubusercontent.com/chrisfu/2bbb99c4261b5337215b/raw/de1730049198c64eaf8f8ab015a3c8b23b63fd34/gistfile1.c
$ gcc gistfile1.c -o ghost-check
$ ./ghost-check

If you see “not vulnerable”, you don’t need to take any further action. However, if you see “vulnerable”, you need to upgrade the affected packages and (preferably) reboot, or at least restart all of the affected system services.
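Because the check above tells you to download and inspect a third-party gist, it helps to know what such a check actually does. The following is an added example written for this post (it is not the gist’s code and not part of the original article) using the publicly documented test approach for CVE-2015-0235: it calls gethostbyname_r() with an all-digit hostname and a buffer that is short by exactly one pointer, with a canary string placed directly after the buffer. A patched glibc returns ERANGE and leaves the canary alone; a vulnerable one overwrites it. The result code 2 (“inconclusive”) is an assumption added here for non-glibc systems such as musl, which reject the name for an unrelated reason.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Marker placed directly after the resolver buffer. CVE-2015-0235 is a
 * buffer overflow in glibc's __nss_hostname_digits_dots(): when a hostname
 * made only of digits (and dots) is passed with a buffer that is too small
 * by exactly sizeof(char *), a vulnerable glibc writes past the end of the
 * buffer instead of returning ERANGE. A patched glibc never touches it. */
#define CANARY "in_the_coal_mine"

static struct {
    char buffer[1024];
    char canary[sizeof(CANARY)];
} temp = { "buffer", CANARY };

/* Returns 1 if the overflow is observed (vulnerable), 0 if glibc correctly
 * reports ERANGE (not vulnerable), 2 if the result is inconclusive (for
 * example a non-glibc libc that rejects the name for another reason). */
int ghost_check(void)
{
    struct hostent resbuf;
    struct hostent *result = NULL;
    int herrno = 0;
    int retval;
    /* Size the name so that the buffer is short by exactly one pointer:
     * 16 bytes for the address, 2 pointers for h_addr_ptrs, NUL terminator. */
    size_t len = sizeof(temp.buffer) - 16 * sizeof(unsigned char)
                 - 2 * sizeof(char *) - 1;
    char name[sizeof(temp.buffer)];

    /* Reset the canary so the check can be run more than once per process. */
    memset(temp.canary, 0, sizeof(temp.canary));
    memcpy(temp.canary, CANARY, sizeof(CANARY));

    /* An all-digit name takes the numeric (digits-and-dots) code path. */
    memset(name, '0', len);
    name[len] = '\0';

    retval = gethostbyname_r(name, &resbuf, temp.buffer, sizeof(temp.buffer),
                             &result, &herrno);

    if (strcmp(temp.canary, CANARY) != 0)
        return 1;   /* canary overwritten: vulnerable */
    if (retval == ERANGE)
        return 0;   /* correct error for an undersized buffer: not vulnerable */
    return 2;       /* inconclusive on this libc */
}

int main(void)
{
    switch (ghost_check()) {
    case 0:  puts("not vulnerable"); return EXIT_SUCCESS;
    case 1:  puts("vulnerable");     return EXIT_SUCCESS;
    default: puts("inconclusive");   return EXIT_FAILURE;
    }
}
```

Compile with `gcc ghost-check.c -o ghost-check` and run it on the host; the result refers to the glibc the binary was linked against, so run it after the upgrade (and after restarting or rebooting) to confirm the fix took effect.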

Patching the vulnerability

If you’re using:
Debian Squeeze (6.0) or newer,
Ubuntu Lucid LTS (10.04) or newer,
CentOS 5.0 or newer,
or RHEL 5.0 or newer, you can upgrade and reboot/restart with the below commands.

If you’re using:
Debian Lenny (5.0) or lower,
Ubuntu Hardy LTS (8.04) or lower,
CentOS 4.0 or lower,
or RHEL 4.0 or lower, please upgrade your operating system.

If you’re using:
Ubuntu Trusty LTS (14.04) or newer, you don’t need to take any further action.

Debian/Ubuntu
### To upgrade
$ sudo apt-get clean && sudo apt-get update && sudo apt-get -y install libc6 libc-bin libc6-dev libc-dev-bin

### To reboot (recommended for maximum security)
$ sudo reboot

### To restart affected system services without a reboot, do the following as the root user
$ sudo apt-get -y install lsof
# servicelist=""; for problemservice in `lsof 2> /dev/null | grep libc | awk '{print $1}' | sort | uniq`; do for service in `ls /etc/init.d/* | awk -F "/etc/init.d/" '{print $2}'`; do if [ "$problemservice" == "$service" ]; then if [ -n "`service $problemservice status | grep running`" ]; then servicelist+=" $problemservice"; else echo "$problemservice found but service is not running"; fi; fi; done; done; count=`tr -dc ' ' <<<"$servicelist" | wc -c`; servicelist=`echo $servicelist | xargs`; echo -n "$count services have to be restarted ($servicelist): continue (y/N)? "; read continue; if [ "$continue" == "y" ]; then for service in $servicelist; do /etc/init.d/$service restart; done; else echo "Leaving without restarting services"; fi

RHEL/CentOS
### To upgrade
$ sudo yum clean all && sudo yum -y update glibc glibc-common

### To reboot (recommended for maximum security)
$ sudo reboot

### To restart affected system services without a reboot, do the following as the root user
$ yum -y install lsof
# servicelist=""; for problemservice in `lsof 2> /dev/null | grep libc | awk '{print $1}' | sort | uniq`; do for service in `ls /etc/init.d/* | awk -F "/etc/init.d/" '{print $2}'`; do if [ "$problemservice" == "$service" ]; then if [ -n "`service $problemservice status | grep running`" ]; then servicelist+=" $problemservice"; else echo "$problemservice found but service is not running"; fi; fi; done; done; count=`tr -dc ' ' <<<"$servicelist" | wc -c`; servicelist=`echo $servicelist | xargs`; echo -n "$count services have to be restarted ($servicelist): continue (y/N)? "; read continue; if [ "$continue" == "y" ]; then for service in $servicelist; do /etc/init.d/$service restart; done; else echo "Leaving without restarting services"; fi
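The restart one-liners in both sections above pick every process whose lsof output mentions libc, which after the upgrade includes processes that already map the new library. A narrower check, added here as an example that is not part of the original post, uses the fact that the package upgrade unlinks the old libc file: any process still mapping it shows the old library as “(deleted)” in the NAME column, or with FD “DEL”, depending on the lsof version. The lsof lines below are constructed sample output in lsof’s default column layout; the function names are my own.

```sh
#!/bin/sh
# Constructed sample of `lsof -n` output (COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME).
# sshd and nginx still map the old, now-unlinked libc; cron and bash already use the new one.
SAMPLE_LSOF='COMMAND   PID USER  FD   TYPE DEVICE SIZE/OFF   NODE NAME
sshd     1234 root  DEL    REG  252,0          131094 /lib/x86_64-linux-gnu/libc-2.13.so
nginx    2001 www   mem    REG  252,0  1811128 131094 /lib/x86_64-linux-gnu/libc-2.13.so (deleted)
nginx    2002 www   mem    REG  252,0  1811128 131094 /lib/x86_64-linux-gnu/libc-2.13.so (deleted)
cron     3003 root  mem    REG  252,0  1811220 131110 /lib/x86_64-linux-gnu/libc-2.13.so
bash     4004 root  mem    REG  252,0  1811220 131110 /lib/x86_64-linux-gnu/libc-2.13.so'

# Print the unique command names that still map a deleted libc, one per line, sorted.
# Matches both reporting styles: "(deleted)" appended to NAME, or FD column "DEL".
stale_libc_users() {
    printf '%s\n' "$1" | awk '/libc[-.]/ && ($4 == "DEL" || /\(deleted\)/) { print $1 }' | sort -u
}

# Number of distinct commands that need a restart (0 means nothing is left on the old libc).
stale_libc_count() {
    stale_libc_users "$1" | awk 'END { print NR }'
}

# Live use on a host after the upgrade (run as root so lsof can see every process):
#   stale_libc_users "$(lsof -n 2>/dev/null)"
```

Run it after the package upgrade and again after restarting services: an empty list means no running process is left on the vulnerable library, which is the same state a reboot would give you.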
