Information on CVE-2015-0235 (GHOST) Vulnerability for Red Hat and CentOS

A vulnerability found in the glibc library, specifically a flaw affecting the gethostbyname() and gethostbyname2() function calls, that allows a remote attacker to potentially execute arbitrary code. CentOS 5, CentOS 6, and CentOS 7 are potentially affected, thus we want to highlight the following information.

Liquid Web package repositories have been updated. Many servers (barring those with updates disabled) have received an update that patches this vulnerability, however, a reboot will still be required in those cases.

To verify your glibc has at least downloaded the patch you can run the following command on your server:

rpm -q --changelog glibc | grep CVE-2015-0235

If your server has the patch, then you should receive a response similar to:

– Fix parsing of numeric hosts in gethostbyname_r (CVE-2015-0235, #1183535).

Be sure to reboot your server after the patch is installed.

We also have tutorials on How to Check the glibc (GNU libc) Version on CentOS 6 and CentOS 7 and How To Update the glibc (GNU libc) in CentOS / Red Hat.

Red Hat describes the issue as follows:

A heap-based buffer overflow was found in glibc’s __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application.

Further information on CVE-2015-0235 is available from the Red Hat.

Be Sociable, Share!
Here's $75, Launch a New VPS Today. Find out why 30,000 customers have chosen our Best-in-Class Performance & 24x7 Heroic Support.