Serious Network Function Vulnerability Found In Glibc

"A very serious security problem has been found and patched in the GNU C Library (Glibc). A heap-based buffer overflow was found in __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() function calls. A remote attacker able to make an application call to either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the program. The vulnerability is easy to trigger as gethostbyname() can be called remotely for applications that do any kind of DNS resolving within the code. Qualys, who discovered the vulnerability (nicknamed "Ghost") during a code audit, wrote a mailing list entry with more details, including in-depth analysis and exploit vectors."

-- sources: http://news.slashdot.org/story/15/01/27/1925208

Cheers, Peter

--
Peter Reutemann, Dept. of Computer Science, University of Waikato, NZ
http://www.cms.waikato.ac.nz/~fracpete/ Ph. +64 (7) 858-5174

An update for CloudLinux 5 & 6 was just released to address the previously mentioned glibc vulnerability and it is recommended to update as soon as possible.

Update Instructions:

    yum update glibc

Official Link: http://cloudlinux.com/blog/clnews/612.php

On Wed, Jan 28, 2015 at 1:32 AM, Peter Reutemann <fracpete(a)waikato.ac.nz> wrote:
> "A very serious security problem has been found and patched in the GNU C Library (Glibc). A heap-based buffer overflow was found in __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() function calls. A remote attacker able to make an application call to either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the program. The vulnerability is easy to trigger as gethostbyname() can be called remotely for applications that do any kind of DNS resolving within the code. Qualys, who discovered the vulnerability (nicknamed "Ghost") during a code audit, wrote a mailing list entry with more details, including in-depth analysis and exploit vectors."
>
> -- sources: http://news.slashdot.org/story/15/01/27/1925208
>
> Cheers, Peter
>
> --
> Peter Reutemann, Dept. of Computer Science, University of Waikato, NZ
> http://www.cms.waikato.ac.nz/~fracpete/ Ph. +64 (7) 858-5174
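
A caveat on the `yum update glibc` step above: processes that were already running keep the old library mapped until they are restarted. The following is an added example, not code from this thread, CloudLinux or Qualys; it lists such processes by looking for libc mappings marked `(deleted)` in `/proc/<pid>/maps`. The function names and the optional directory argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): find processes that still map a
# glibc file which has since been replaced on disk, e.g. by a package update.

# Read /proc/<pid>/maps text on stdin and print each distinct libc path
# that the kernel marks "(deleted)" (unlinked after it was mapped).
deleted_libc_paths() {
    awk '$NF == "(deleted)" &&
         $(NF-1) ~ /\/libc(-[0-9.]+)?\.so(\.[0-9]+)?$/ { print $(NF-1) }' |
        sort -u
}

# Walk a proc-style directory (default /proc; the argument is a hypothetical
# hook for testing) and print "pid<TAB>command<TAB>path" per stale mapping.
scan_stale_libc() {
    root=${1:-/proc}
    for dir in "$root"/[0-9]*; do
        [ -r "$dir/maps" ] || continue
        # Processes may exit or be unreadable without root; skip them quietly.
        paths=$(deleted_libc_paths 2>/dev/null < "$dir/maps") || continue
        [ -n "$paths" ] || continue
        comm=$(cat "$dir/comm" 2>/dev/null || echo '?')
        for p in $paths; do
            printf '%s\t%s\t%s\n' "${dir##*/}" "$comm" "$p"
        done
    done
}

# Run as root to see every process; each line printed is a restart candidate.
scan_stale_libc /proc
```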

> "A very serious security problem has been found and patched in the GNU C Library (Glibc). A heap-based buffer overflow was found in __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() function calls. A remote attacker able to make an application call to either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the program. The vulnerability is easy to trigger as gethostbyname() can be called remotely for applications that do any kind of DNS resolving within the code. Qualys, who discovered the vulnerability (nicknamed "Ghost") during a code audit, wrote a mailing list entry with more details, including in-depth analysis and exploit vectors."
>
> -- sources: http://news.slashdot.org/story/15/01/27/1925208

Looks like Linux Mint 17 and 17.1 aren't affected by this bug:

http://forums.linuxmint.com/viewtopic.php?f=47&t=188327

Cheers, Peter

--
Peter Reutemann, Dept. of Computer Science, University of Waikato, NZ
http://www.cms.waikato.ac.nz/~fracpete/ Ph. +64 (7) 858-5174

On Thu, 29 Jan 2015 09:30:14 +1300, Peter Reutemann wrote:
> Looks like Linux Mint 17 and 17.1 aren't affected by this bug:

If you want to check it on your own system for yourself, enclosed is the C example program from the Qualys advisory. Compile it, run it, and see if it prints “vulnerable” or “not vulnerable”.

> If you want to check it on your own system for yourself, enclosed is the C example program from the Qualys advisory. Compile it, run it, and see if it prints “vulnerable” or “not vulnerable”.

For people not that accustomed to compiling stuff, you need "gcc" installed to compile the C file and then execute it as follows (in the directory where you downloaded the C file to):

    gcc -o ghost_test ghost_test.c
    ./ghost_test

Cheers, Peter

--
Peter Reutemann, Dept. of Computer Science, University of Waikato, NZ
http://www.cms.waikato.ac.nz/~fracpete/ Ph. +64 (7) 858-5174

participants (3): Danial José, Lawrence D'Oliveiro, Peter Reutemann