Tutorials for debian
User avatar
By adm_3ch
If you run a Linux server, and you’re on top of things, you’ve heard of GHOST.. which is a heap buffer overflow vulnerability announced today. Distributions are working on a patch and some are ready now.About GHOST Vulnerabilities
The GHOST vulnerability is a serious weakness in the Linux glibc library. It allows attackers to remotely take complete control of the victim system without having any prior knowledge of system credentials. CVE-2015-0235 has been assigned to this issue.How to Patch Ghost On CentOS/RHEL
There is a patch available for CentOS 5, CentOS 6, CloudLinux5 and CloudLinux 6 in the repos.. soon for Debian as well. Here is how to patch in CentOS (or other yum / rhel flavor)
First, let’s see if you’re patched already by typing:

Code: Select all
rpm -q --changelog glibc|grep CVE-2015-0235

If you’re patched already, you’ll see:
Code: Select all
- Fix parsing of numeric hosts in gethostbyname_r (CVE-2015-0235, #1183532).
IF you do not see that, check to if the update is in your repos yet:

Code: Select all
yum clean all && yum update glibc

If it says “No Packages marked for Update” then try again later…
If it shows you an update is available, run the update, then reboot (because there are a lot of various services that use glibc and restarting is a lot easier than finding and restarting each one).

Code: Select all
shutdown -r now
How to Patch Ghost On Ubuntu/Debian

For currently supported versions of Ubuntu or Debian, update all of your packages to the latest version available via apt-get dist-upgrade:

Code: Select all
apt-get update && sudo apt-get dist-upgrade
Then respond to the confirmation prompt with y.
When the update is complete, reboot the server with this command:

Code: Select all
​​​​​​​A reboot is necessary since the GNU C Library is used by many applications that must be restarted to use the updated library.

Intel® Xeon 2.53GHz [...]