Linux glibc security vulnerability cve-2015-7547 Repair and detection method

Source: Internet
Author: User
Tags bz2 syslog cve

Reference Links: http://toutiao.com/i6253272495634252289/

Vulnerability Information: https://rhn.redhat.com/errata/RHSA-2016-0175.html

Here's how to do it: (Test in CentOS 6.5 environment)

#####################################################

1. View the operating system version and GLIBC version as follows
[Email protected] ~]# cat/etc/redhat-release
CentOS Release 6.5 (Final)
[Email protected] ~]# uname-r
2.6.32-431.el6.x86_64
[Email protected] ~]# uname-a
Gnu/linux
[Email protected] ~]# cat/etc/resolv.conf
; Generated By/sbin/dhclient-script
NameServer 127.0.0.1
[[email protected] ~]# ls
Anaconda-ks.cfg Music
atomic-php55-php-cli-5.5.31-31.el6.art.x86_64.rpm nginx-1.8.0
atomic-php55-php-common-5.5.31-31.el6.art.x86_64.rpm nginx-1.8.0.tar.gz
atomic-php55-php-devel-5.5.31-31.el6.art.x86_64.rpm php-5.5.31
Cve-2015-7547-master php-5.5.31.tar.bz2
Desktop Pictures
Documents Public
Downloads rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
Eaccelerator-master Templates
Install.log Videos
Install.log.syslog WordPress
Master.zip wordpress-4.4.1-zh_cn.tar.gz
[Email protected] glibc2.12.166]# Rpm-qa | Grep-i glibc
Glibc-devel-2.12-1. the. el6.x86_64
Glibc-common-2.12-1.132.el6.x86_64
Glibc-2.12-1.132.el6.x86_64
Glibc-headers-2.12-1.132.el6.x86_64

#####################################################

2. Download cve-2015-7547, unzip the following files:

[Email protected] ~]# CD cve-2015-7547-master/
[[email protected] cve-2015-7547-master]# ls
cve-2015-7547-client.c cve-2015-7547-poc.py LICENSE Makefile README
#下载后 Execute Python cve-2015-7547-poc.py (This step takes about more than 10 minutes to appear)

[Email protected] cve-2015-7547-master]#python cve-2015-7547-poc.py
[UDP] Total Data Len Recv 44
[UDP] Total Data Len Recv 44
Connected with 127.0.0.1:47403
[TCP] Total Data Len Recv 46
[TCP] Request1 Len Recv 44
[UDP] Total Data Len Recv 44
[UDP] Total Data Len Recv 44
Connected with 127.0.0.1:47404
[TCP] Total Data Len Recv 46
[TCP] Request1 Len Recv 44
[UDP] Total Data Len Recv 36
[UDP] Total Data Len Recv 36
Connected with 127.0.0.1:47405
[TCP] Total Data len Recv 76
[TCP] Request1 Len Recv 36
[TCP] Request2 Len Recv 36
[UDP] Total Data Len Recv 44
[UDP] Total Data Len Recv 44
Connected with 127.0.0.1:47409
[TCP] Total Data Len Recv 46
[TCP] Request1 Len Recv 44
[UDP] Total Data Len Recv 44
[UDP] Total Data Len Recv 44
Connected with 127.0.0.1:47410
[TCP] Total Data Len Recv 46
[TCP] Request1 Len Recv 44
[UDP] Total Data len Recv 39
[UDP] Total Data len Recv 39
Connected with 127.0.0.1:47411
[TCP] Total Data Len Recv 82
[TCP] Request1 Len Recv 39
[TCP] Request2 Len Recv 39
^ctraceback (most recent):
File "cve-2015-7547-poc.py", line 176, in <module>
Tcp_thread ()
File "cve-2015-7547-poc.py", line, in Tcp_thread
conn, addr = Sock_tcp.accept ()
File "/usr/lib64/python2.6/socket.py", line 197, in accept
Sock, addr = Self._sock.accept ()
Keyboardinterrupt
##########################################################

3. Compile GCC cve-2015-7547-client.c-o client in another Linux window

[Email protected] cve-2015-7547-master]# gcc cve-2015-7547-client.c-o client
[[email protected] cve-2015-7547-master]# ls
Client cve-2015-7547-client.c cve-2015-7547-poc.py LICENSE Makefile README
[Email protected] cve-2015-7547-master]#./client
Segmentation fault (core dumped)
[Email protected] cve-2015-7547-master]#

Execute the./client file

If the return segment error (segmentation fault) has a vulnerability

If the return Client:getaddrinfo:Name or service not known vulnerability has been fixed

###############################################################

4. Update glibc, download glibc related RPM package
[[email protected] ~]# ls
Anaconda-ks.cfg Music
atomic-php55-php-cli-5.5.31-31.el6.art.x86_64.rpm nginx-1.8.0
atomic-php55-php-common-5.5.31-31.el6.art.x86_64.rpm nginx-1.8.0.tar.gz
atomic-php55-php-devel-5.5.31-31.el6.art.x86_64.rpm php-5.5.31
Cve-2015-7547-master php-5.5.31.tar.bz2
Desktop Pictures
Documents Public
Downloads rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
Eaccelerator-master Templates
glibc2.12.166 Videos
Install.log WordPress
Install.log.syslog wordpress-4.4.1-zh_cn.tar.gz
Master.zip
[Email protected] ~]# CD glibc2.12.166/

#########################################################################

############## #如下为glibc更新的rpm包 #####################
[[email protected] glibc2.12.166]# ls
glibc-2.12-1.166.el6_7.7.i686.rpm glibc-headers-2.12-1.166.el6_7.7.x86_64.rpm
glibc-2.12-1.166.el6_7.7.x86_64.rpm glibc-static-2.12-1.166.el6_7.7.x86_64.rpm
glibc-common-2.12-1.166.el6_7.7.x86_64.rpm glibc-utils-2.12-1.166.el6_7.7.x86_64.rpm
glibc-devel-2.12-1.166.el6_7.7.x86_64.rpm
########## #强制安装rpm包 ###############################

[email protected] glibc2.12.166]#RPM-UVH--nodeps--force glibc-*
Preparing ... ########################################### [100%]
1:glibc-common ########################################### [14%]
2:GLIBC ########################################### [29%]
3:glibc-headers ########################################### [43%]
4:glibc-devel ########################################### [57%]
5:glibc-static ########################################### [71%]
6:glibc-utils ########################################### [86%]
7:GLIBC ########################################### [100%]

###### #更新后查询glibc版本 ####################
[Email protected] glibc2.12.166]# Rpm-qa | Grep-i glibc
Glibc-static-2.12-1.166.el6_7.7.x86_64
Glibc-headers-2.12-1.166.el6_7.7.x86_64
glibc-2.12-1.166.el6_7.7.i686
Glibc-2.12-1.166.el6_7.7.x86_64
Glibc-utils-2.12-1.166.el6_7.7.x86_64
Glibc-common-2.12-1.166.el6_7.7.x86_64
Glibc-devel-2.12-1.166.el6_7.7.x86_64
[Email protected] glibc2.12.166]#

Reboot restarting the server

##################################################################################

3. Use the 2nd step method to detect if there are any vulnerabilities
[[email protected] ~]# ls
Anaconda-ks.cfg Music
atomic-php55-php-cli-5.5.31-31.el6.art.x86_64.rpm nginx-1.8.0
atomic-php55-php-common-5.5.31-31.el6.art.x86_64.rpm nginx-1.8.0.tar.gz
atomic-php55-php-devel-5.5.31-31.el6.art.x86_64.rpm php-5.5.31
Cve-2015-7547-master php-5.5.31.tar.bz2
Desktop Pictures
Documents Public
Downloads rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
Eaccelerator-master Templates
glibc2.12.166 Videos
Install.log WordPress
Install.log.syslog wordpress-4.4.1-zh_cn.tar.gz
Master.zip
[Email protected] ~]# CD cve-2015-7547-master/
[[email protected] cve-2015-7547-master]# ls
cve-2015-7547-client.c cve-2015-7547-poc.py LICENSE Makefile README
[Email protected] cve-2015-7547-master]# py
Pydoc Pygtk-demo python python2 python2.6
[Email protected] cve-2015-7547-master]#python cve-2015-7547-poc.py

[UDP] Total Data Len Recv 44
[UDP] Total Data Len Recv 44
Connected with 127.0.0.1:34043
[TCP] Total Data Len Recv 46
[TCP] Request1 Len Recv 44
[UDP] Total Data Len Recv 44
[UDP] Total Data Len Recv 44
Connected with 127.0.0.1:34044
[TCP] Total Data Len Recv 46
[TCP] Request1 Len Recv 44
[UDP] Total Data Len Recv 44
[UDP] Total Data Len Recv 44
Connected with 127.0.0.1:34045
[TCP] Total Data Len Recv 46
[TCP] Request1 Len Recv 44
[UDP] Total Data Len Recv 44
[UDP] Total Data Len Recv 44
Connected with 127.0.0.1:34046
[TCP] Total Data Len Recv 46
[TCP] Request1 Len Recv 44
[UDP] Total Data Len Recv 36
[UDP] Total Data Len Recv 36
Connected with 127.0.0.1:34047
[TCP] Total Data len Recv 76
[TCP] Request1 Len Recv 36
[TCP] Request2 Len Recv 36
^ctraceback (most recent):
File "cve-2015-7547-poc.py", line 176, in <module>
Tcp_thread ()
File "cve-2015-7547-poc.py", line, in Tcp_thread
conn, addr = Sock_tcp.accept ()
File "/usr/lib64/python2.6/socket.py", line 197, in accept
Sock, addr = Self._sock.accept ()
Keyboardinterrupt

[Email protected] ~]# CD cve-2015-7547-master/
[[email protected] cve-2015-7547-master]# ls
cve-2015-7547-client.c cve-2015-7547-poc.py LICENSE Makefile README
[Email protected] cve-2015-7547-master]# gcc cve-2015-7547-client.c-o Client
[[email protected] cve-2015-7547-master]# ls
Client cve-2015-7547-client.c cve-2015-7547-poc.py LICENSE Makefile README
[Email protected] cve-2015-7547-master]# ./client
Client:getaddrinfo:Name or service not known

If the return Client:getaddrinfo:Name or service not known vulnerability has been fixed

Linux glibc security vulnerability cve-2015-7547 Repair and detection method

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.