
Problem

GHOST is a buffer overflow bug affecting the gethostbyname() and gethostbyname2() function calls in the glibc library. This vulnerability allows a remote attacker who can cause an application to call either of these functions to execute arbitrary code with the permissions of the user running the application.

Specifically, the buffer overflow flaw resides in __nss_hostname_digits_dots(), a glibc function that is invoked by the gethostbyname() and gethostbyname2() function calls.

Solution

Red Hat/CentOS: Upgrade glibc to at least the following version:

Operating System    glibc
CentOS 6            glibc-2.12-1.149.el6_6.5
CentOS 7            glibc-2.17-55.el7_0.5
RHEL 5              glibc-2.5-123.el5_11.1
RHEL 6              glibc-2.12-1.149.el6_6.5
RHEL 7              glibc-2.17-55.el7_0.5

Ubuntu:

Check the version of glibc by looking up the version of ldd (which uses glibc) like this:

ldd --version

The first line of the output will contain the version of eglibc, the variant of glibc that Ubuntu and Debian use. It might look like this, for example (the version in this example is 2.15-0ubuntu10.7):

ldd (Ubuntu EGLIBC 2.15-0ubuntu10.7) 2.15
Copyright (C) 2012 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Written by Roland McGrath and Ulrich Drepper.

If the version of eglibc matches, or is more recent than, the ones listed here, you are safe from the GHOST vulnerability:

Operating System    eglibc
Ubuntu 12.04 LTS    2.15-0ubuntu10.10
Ubuntu 10.04 LTS    2.11.1-0ubuntu7.20
Debian 7 LTS        2.13-38+deb7u7
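The comparison described above can be scripted. The following is an added example, not part of the original page or of SiteMaestro: it extracts the eglibc version from the first line of ldd --version and compares it numerically with the fixed versions in the table, which matters because 2.15-0ubuntu10.7 is older than 2.15-0ubuntu10.10 even though a plain string comparison says otherwise. The function names are hypothetical, and the sort -V fallback is an approximation of Debian version ordering used only when dpkg is not installed.

```shell
#!/bin/sh
# Fixed eglibc versions, copied from the table on this page.
fixed_version_for() {
    case "$1" in
        "Ubuntu 12.04 LTS") echo "2.15-0ubuntu10.10" ;;
        "Ubuntu 10.04 LTS") echo "2.11.1-0ubuntu7.20" ;;
        "Debian 7 LTS")     echo "2.13-38+deb7u7" ;;
        *)                  return 1 ;;
    esac
}

# Pull the package version out of the first line of `ldd --version`, e.g.
# "ldd (Ubuntu EGLIBC 2.15-0ubuntu10.7) 2.15" -> "2.15-0ubuntu10.7".
eglibc_version_from_ldd() {
    printf '%s\n' "$1" | sed -n '1s/^ldd (.* \([^ )]*\)).*$/\1/p'
}

# Succeed when installed version $1 is equal to or newer than fixed version $2.
# dpkg implements the real Debian ordering; GNU sort -V is a fallback that
# agrees with it for the version strings used here (no epochs, no "~").
version_ge() {
    if command -v dpkg >/dev/null 2>&1; then
        dpkg --compare-versions "$1" ge "$2"
    else
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
    fi
}

# Print "patched", "vulnerable" or "unknown" for a release label and an
# installed eglibc package version.
ghost_status() {
    release=$1
    installed=$2
    fixed=$(fixed_version_for "$release") || { echo "unknown"; return 2; }
    if version_ge "$installed" "$fixed"; then
        echo "patched"
    else
        echo "vulnerable"
    fi
}

# Demo on the sample ldd line shown above. Treating it as Ubuntu 12.04 LTS
# is an assumption based on its 2.15 version number.
sample='ldd (Ubuntu EGLIBC 2.15-0ubuntu10.7) 2.15'
ghost_status "Ubuntu 12.04 LTS" "$(eglibc_version_from_ldd "$sample")"  # prints "vulnerable"
```

On a live host, pass "$(ldd --version | head -n 1)" to eglibc_version_from_ldd instead of the sample line.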

The SiteMaestro Agent version 3.9.5 addresses this issue by linking against one of the glibc versions (or newer) above.

Upgrade to SiteMaestro Agent version 3.9.5 or later.

https://access.redhat.com/security/cve/CVE-2015-0235