How To Protect Your Linux Server from the GHOST Vulnerability

The GHOST vulnerability affects Linux systems. It was discovered in the GNU C Library (glibc) and gives attackers control of a system without requiring system credentials.


GHOST is a buffer overflow that affects all the gethostbyname*() functions in the glibc library. These functions convert a hostname into an IP address. An attacker who exploits it can gain complete access to the Linux machine.

To verify you are running the updated packages, run the following commands:

rpm -qa glibc
rpm -qa nscd

 

The updated versions for CentOS 5 and 6 are shown below:

CentOS 5:

glibc-2.5-123.el5_11.1
nscd-2.5-123.el5_11.1

 

CentOS 6:

glibc-2.12-1.149.el6_6.5
nscd-2.12-1.149.el6_6.5


Not on these versions? Run “yum update glibc nscd” to update the packages.

A server reboot is recommended to ensure that all services begin using the new packages. If a reboot is not possible, most processes should be restarted on the server.
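When a reboot is not possible, the processes that need a restart are the ones still mapping the pre-update glibc, which the kernel marks "(deleted)" in /proc/PID/maps. The script below is an added example, not part of the original article; the optional proc-root argument is an assumption introduced here so the scan can also be run against a constructed directory tree.

```shell
#!/bin/sh
# Added example: list processes that still have the old glibc mapped after
# "yum update glibc nscd". Run as root so every process's maps file is readable.
#
# Once the package update replaces the library on disk, the old copy stays in
# memory for running processes and shows up in /proc/PID/maps as, for example:
#   7f3a... r-xp 00000000 fd:00 131234 /lib64/libc-2.12.so (deleted)

# stale_glibc_procs [PROC_ROOT]
# Prints "PID NAME" for every process whose maps reference a deleted libc.
# PROC_ROOT defaults to /proc (the argument is hypothetical, added for testing).
stale_glibc_procs() {
    proc_root="${1:-/proc}"
    for maps in "$proc_root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        # Match libc-<ver>.so or libc.so.<n>, but not libcrypto, libcap, etc.
        if grep -Eq '/libc[-.][^ /]* \(deleted\)$' "$maps" 2>/dev/null; then
            dir=${maps%/maps}
            pid=${dir##*/}
            # The Name: field in status exists on old and new kernels alike.
            name=$(sed -n 's/^Name:[[:space:]]*//p' "$dir/status" 2>/dev/null)
            echo "$pid ${name:-?}"
        fi
    done
}

# With no argument this scans the live system.
stale_glibc_procs "$@"
```

An empty result means no running process still holds the old library; each listed process should be restarted through its init script.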
