

CVE-2015-0235 glibc gethostbyname 'ghost' vulnerability

Posted: Thu, 29 Jan 2015 05:23 AM UTC (Thu, 29 Jan 2015 00:23 EST)
Last update: Mon, 9 Feb 2015 01:05 AM UTC (Sun, 8 Feb 2015 20:05 EST)
Status: Closed

RimuHosting autopatch/deghost updates

Update, Wed 4 Feb 06:19 UTC:

We have created a 'deghost' script (http://github.com/pbkwee/deghost) to update the glibc packages.

Its key function is to tidy up apt and yum repositories if they are out of date, and then to yum/apt install the libc package.  It typically works well on Squeeze, Wheezy, Canonical-supported Ubuntus, and Centos 5+.

We are running this on customer servers.  When that completes you will be able to see the results at http://rimuhosting.com/cp/serverpatchstate.jsp

To opt out of the auto patch, please reply to the email we sent.  If you have already patched the server, please do not reply to that email unless you do not wish us to touch your server at all (the deghost script does nothing if your server is already patched).

Even after the library is patched, servers need to be restarted so that running programs still using the old libc are reloaded with the new one.  You can do that for a VM at http://rimuhosting.com/cp/vps/restart.jsp
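A check that helps with the restart step above, added here as an example (it is not part of this notice or of the deghost script): a bash script that lists processes still mapping the pre-upgrade libc, which the kernel shows with a "(deleted)" suffix in /proc/PID/maps once the package upgrade has replaced the file. The sample maps lines are constructed for offline testing.

```shell
#!/usr/bin/env bash
# Added example (not part of the RimuHosting notice or the deghost script):
# processes started before "apt-get install libc6" / "yum install glibc"
# keep the OLD libc mapped. Once the file on disk has been replaced, the
# kernel shows that mapping with a "(deleted)" suffix in /proc/PID/maps.

# Return 0 if a maps file shows a libc mapping whose backing file is gone,
# i.e. the process still runs the pre-upgrade (vulnerable) library.
maps_has_stale_libc() {
    grep -Eq 'libc(-[0-9.]+)?\.so[^ ]*[[:space:]]\(deleted\)$' "$1"
}

# Walk every process and print "PID command" for each one that needs a
# restart. Must run as root to read other users' maps files; prints nothing
# when no process is affected, so a full reboot is not the only option.
list_stale_libc_processes() {
    local pid
    for pid in /proc/[0-9]*; do
        pid=${pid#/proc/}
        [ -r "/proc/$pid/maps" ] || continue
        if maps_has_stale_libc "/proc/$pid/maps"; then
            printf '%s %s\n' "$pid" "$(cat "/proc/$pid/comm" 2>/dev/null)"
        fi
    done
}

# Constructed sample maps excerpts for offline testing (not from a real host).
SAMPLE_STALE=$(mktemp)
SAMPLE_FRESH=$(mktemp)
trap 'rm -f "$SAMPLE_STALE" "$SAMPLE_FRESH"' EXIT
cat > "$SAMPLE_STALE" <<'EOF'
7f1c2a000000-7f1c2a1b5000 r-xp 00000000 fd:01 1310795 /lib/x86_64-linux-gnu/libc-2.13.so (deleted)
7f1c2a3b9000-7f1c2a3bc000 rw-p 00000000 00:00 0
EOF
cat > "$SAMPLE_FRESH" <<'EOF'
7f1c2a000000-7f1c2a1b5000 r-xp 00000000 fd:01 1310801 /lib/x86_64-linux-gnu/libc-2.13.so
7f1c2a3b9000-7f1c2a3bc000 rw-p 00000000 00:00 0
EOF

maps_has_stale_libc "$SAMPLE_STALE" && echo "sample: old libc still mapped, restart needed"
maps_has_stale_libc "$SAMPLE_FRESH" || echo "sample: fresh libc, nothing to do"

# Live scan of this host (empty output means every process uses the new libc).
list_stale_libc_processes
```

Restarting only the listed services is enough when the list is short; if init itself (PID 1) appears, a reboot is the simplest way to clear it.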

Please subscribe to this notice to receive updates.

GHOST glibc vulnerability

There is a vulnerability in most versions of the ubiquitous glibc library, which is used by most server binaries (sshd, mysql, ntp, apache, etc).

http://chargen.matasano.com/chargen/2015/1/27/vulnerability-overview-ghost-cve-2015-0235.html
http://www.openwall.com/lists/oss-security/2015/01/27/9
https://security-tracker.debian.org/tracker/CVE-2015-0235

Patching the vulnerability

For modern, supported Debian and Ubuntu distros you can simply run apt-get update; apt-get install libc6

On Centos distros you can run yum install glibc.

This should work fine on Centos 7, Centos 6, Centos 5 and Debian 7, and on Debian 6 if you are using the LTS repositories.

Ubuntu 14.04 is not affected.  Supported Ubuntus per http://en.wikipedia.org/wiki/List_of_Ubuntu_releases#Table_of_versions should also have an update.

You can run our deghost script manually by SSH-ing into your server as root and then running:

wget https://raw.githubusercontent.com/pbkwee/deghost/master/deghost.sh
bash deghost.sh

If you are running an unsupported Ubuntu distro or Debian Lenny (also unsupported), you can run bash deghost.sh --break-eggs to attempt a dist-upgrade to a stable version.

