GHOST Vulnerability – Beware!
Update your glibc package now to avoid newly discovered glibc buffer over flow. Wait, what is that? According to Qualys Security Advisory CVE-2015-0235 [link], the bug is reachable both locally and remotely via the gethostbyname*() functions hence they named it as GHOST. Shortly, the vulnerability allows remote attackers to take complete control of a system by exploiting a buffer overflow bug in glibc’s GetHOST functions. Sounds horrible enough? Beware and update your VPS ASAP!
What kind of Linux Distro is affected by this vulnerability? Almost all popular distros including CentOS 6 & 7, Debian 7, RHEL 6 & 7, Ubuntu 10.04 & 12.04. How to patch GHOST vulnerability?
It’s simple, simply run update task.
First, login to your server root and issue this command:
On Ubuntu or Debian:
apt-get update && apt-get dist-upgrade -y
On CentOS or RHEL:
yum update glibc -y
Once done, do not forget to reboot your server. It is is necessary because the GNU C Library is used by many applications that must be restarted to use the updated library.