GHOST glibc exploit

Exadata’s compute nodes and storage cells may be vulnerable to the glibc “GHOST” vulnerability that’s currently in the tech news (full control of remote systems can be obtained through gethostbyname()).

Remedial steps for Exadata can be found here:

glibc vulnerability (CVE-2015-0235) patch availability for Oracle Exadata Database Machine (Doc ID 1965525.1)

As it’s a vulnerability in glibc, other RHEL / OEL systems might also be affected. “Unpatched” versions of glibc from 2.2 to 2.17 contain the vulnerability.

To check whether a system is vulnerable:

        rpm -q glibc
             glibc-2.12-1.132.el6_5.4.x86_64

If the version of glibc matches or is more recent than the versions below, the system is NOT vulnerable to the exploit.

• RHEL 5: 2.5-123
• RHEL 6: 2.12-1.149
• RHEL 7: 2.17-55

If the installed version is older than these versions, “yum update glibc” will install the latest version.  A server reboot is necessary.
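The check above can be scripted. The following is an added example, not from the original post or from Oracle: the function names `fixed_build` and `ghost_status` are hypothetical, and it assumes a package string in the `rpm -q glibc` format shown above with an `.elN` dist tag.

```shell
#!/bin/sh
# Added example: classify `rpm -q glibc` output against the fixed builds above.
# Simplification: numeric fields before the dist tag are compared; this is
# not a full implementation of RPM's version comparison.

# Fixed build per RHEL/OEL major release (values from the list above).
fixed_build() {
    case "$1" in
        5) echo "2.5-123" ;;
        6) echo "2.12-1.149" ;;
        7) echo "2.17-55" ;;
        *) return 1 ;;
    esac
}

# ghost_status PACKAGE -> prints "patched", "vulnerable" or "unknown"
ghost_status() {
    # Major release taken from the dist tag (.el5 / .el6 / .el7).
    major=$(printf '%s\n' "$1" | sed -n 's/.*\.el\([0-9][0-9]*\).*/\1/p')
    fixed=$(fixed_build "$major") || { echo unknown; return 0; }
    # Version-release digits in front of the dist tag, e.g. 2.12-1.132
    inst=$(printf '%s\n' "$1" |
        sed -n 's/^glibc-\([0-9][0-9.]*-[0-9][0-9.]*\)\.el[0-9].*/\1/p')
    [ -n "$inst" ] || { echo unknown; return 0; }
    awk -v a="$inst" -v b="$fixed" 'BEGIN {
        na = split(a, x, /[.-]/); nb = split(b, y, /[.-]/)
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {        # missing fields count as 0
            if (x[i] + 0 < y[i] + 0) { print "vulnerable"; exit }
            if (x[i] + 0 > y[i] + 0) { print "patched"; exit }
        }
        print "patched"                    # equal to the fixed build
    }'
}

# First value is the output shown above; the rest are constructed samples.
for pkg in glibc-2.12-1.132.el6_5.4.x86_64 glibc-2.12-1.149.el6_6.5.x86_64 \
           glibc-2.17-55.el7_0.5.x86_64 glibc-2.5-118.el5_10.2.x86_64; do
    printf '%-40s %s\n' "$pkg" "$(ghost_status "$pkg")"
done
```

On a live host, pass each line of `rpm -q glibc` to `ghost_status`; multilib systems print one line per installed architecture. Releases outside RHEL 5, 6 and 7 report "unknown" because the list above gives no fixed build for them.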

 
