A vulnerability has been discovered in the GNU C Library (glibc) on Linux that allows remote code execution through the gethostbyname function. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.
CVE Number
CVE-2015-0235
Risk
High
Impacted Systems
Linux and UNIX based systems
Recommendation
System owners are advised to apply the latest version of glibc from their respective Linux and UNIX OS vendors immediately, and to reboot their systems to complete the installation.
The UBC IT Satellite server is up-to-date with the current glibc patches for Red Hat 5, 6 & 7; system owners should immediately download the latest patches.
Debian and Ubuntu system owners can receive the latest patches by pointing their servers to mirror.it.ubc.ca.
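The reboot matters because processes started before the update keep the old glibc mapped in memory until they are restarted. The script below is an added example, not part of the original advisory or any vendor tooling: it lists processes whose /proc/<pid>/maps still references a libc file that has been removed from disk. The function names are hypothetical, and it assumes a Linux /proc filesystem and root privileges to read other users' processes.

```shell
#!/bin/sh
# Added example: find processes still running on a glibc that a package
# update has already replaced on disk. Function names are hypothetical.

# stale_libc_in_maps FILE
# Succeeds when FILE (in /proc/<pid>/maps format) maps a libc shared object
# whose backing file is gone; the kernel marks such mappings "(deleted)".
# Matches both libc-2.12.so and libc.so.6 style file names.
stale_libc_in_maps() {
    grep -Eq '/libc(-[0-9.]+)?\.so[^ ]* \(deleted\)$' "$1" 2>/dev/null
}

# scan_stale_libc [PROC_ROOT]
# Prints "<pid> <command>" for every process that still maps the old library.
# PROC_ROOT defaults to /proc; another directory can be passed for testing.
scan_stale_libc() {
    root="${1:-/proc}"
    for maps in "$root"/[0-9]*/maps; do
        # Skip processes that exited or that we are not allowed to inspect.
        [ -r "$maps" ] || continue
        if stale_libc_in_maps "$maps"; then
            dir=${maps%/maps}
            pid=${dir##*/}
            # comm is missing on older kernels; fall back to a placeholder.
            name=$(cat "$dir/comm" 2>/dev/null || echo '?')
            printf '%s %s\n' "$pid" "$name"
        fi
    done
}

# Any line of output means the patched library is installed but not yet
# in use by that process: restart the service or reboot the host.
scan_stale_libc "$@"
```

No output after the update and reboot means no inspected process is still using the replaced library.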
Vendor-Specific Links
Red Hat
Red Hat glibc latest versions:
Red Hat 5: glibc-2.5-123.el5_11.1
Red Hat 6: glibc-2.12-1.149.el6_6.5
Red Hat 7: glibc-2.17-55.el7_0.5
Red Hat CVE-2015-0235 link:
https://access.redhat.com/security/cve/CVE-2015-0235
Red Hat 5 patch versions link:
https://rhn.redhat.com/errata/RHSA-2015-0090.html
Red Hat 6 & 7 patch versions link:
https://rhn.redhat.com/errata/RHSA-2015-0092.html
CentOS
CentOS glibc latest versions:
CentOS 5: glibc-2.5-123.el5_11
CentOS 6: glibc-2.12-1.149.el6_6.5
CentOS 7: glibc-2.17-55.el7_0.5
Ubuntu
Ubuntu glibc latest versions:
Ubuntu 12.04 LTS: libc6 2.11.1-0ubuntu7.20
Ubuntu 10.04 LTS: libc6 2.15-0ubuntu10.10
Ubuntu CVE-2015-0235 link:
http://www.ubuntu.com/usn/usn-2485-1/
SUSE
SUSE CVE-2015-0235 link:
http://support.novell.com/security/cve/CVE-2015-0235.html
Debian
Debian glibc latest versions:
https://security-tracker.debian.org/tracker/CVE-2015-0235
Debian CVE-2015-0235 link:
https://www.debian.org/security/2015/dsa-3142
Other Links
Qualys
https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability
NIST
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0235
GNU C Library
http://www.gnu.org/software/libc/