On January 27, 2015, a buffer overflow vulnerability was disclosed in the gethostbyname function of the GNU C Library (glibc) on Linux, tracked as CVE-2015-0235. An attacker can achieve remote code execution through the gethostbyname family of functions and obtain control of the server and shell access. The vulnerability can be triggered in many ways and its scope of impact is large. Software and systems confirmed to be exploitable: glibc 2.2 to 2.17 (including versions 2.2 and 2.17).
glibc is the C library that provides system calls and basic functions such as open, malloc, and printf. All dynamically linked programs use glibc. A remote attacker could exploit this vulnerability to execute arbitrary code and elevate the permissions of the user running the application.
Vulnerability Detection Method
Use the following test program:
    #include <netdb.h>
    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>
    #include <errno.h>

    #define CANARY "in_the_coal_mine"

    /* The canary sits directly after the buffer handed to gethostbyname_r(),
       so an overflow of the buffer changes the canary. */
    struct {
        char buffer[1024];
        char canary[sizeof(CANARY)];
    } temp = { "buffer", CANARY };

    int main(void)
    {
        struct hostent resbuf;
        struct hostent *result;
        int herrno;
        int retval;

        /*** strlen (name) = size_needed - sizeof (*host_addr) - sizeof (*h_addr_ptrs) - 1; ***/
        size_t len = sizeof(temp.buffer) - 16 * sizeof(unsigned char) - 2 * sizeof(char *) - 1;
        char name[sizeof(temp.buffer)];

        /* Host name made only of the digit '0', terminated with a NUL byte. */
        memset(name, '0', len);
        name[len] = '\0';

        retval = gethostbyname_r(name, &resbuf, temp.buffer, sizeof(temp.buffer), &result, &herrno);

        /* Canary changed: the library wrote past the end of the buffer. */
        if (strcmp(temp.canary, CANARY) != 0) {
            puts("vulnerable");
            exit(EXIT_SUCCESS);
        }
        /* A fixed library reports that the buffer is too small. */
        if (retval == ERANGE) {
            puts("not vulnerable");
            exit(EXIT_SUCCESS);
        }
        puts("should not happen");
        exit(EXIT_FAILURE);
    }

Save the code above as ghost.c, then compile and run it:

    $ gcc ghost.c -o ghost
    $ ./ghost
    vulnerable        // indicates a vulnerability that needs to be repaired

    $ ./ghost
    not vulnerable    // indicates a successful repair
Recommended Patching Procedures
Special note: glibc is part of the basic Linux system infrastructure. To limit the impact of patching on your server, choose a suitable time for the fix and take a snapshot backup before you apply it.
CentOS 5/6/7

    yum update glibc

Ubuntu 12/14

    apt-get update
    apt-get install libc6

Debian 6

    wget -O /etc/apt/sources.list.d/debian6-lts.list http://mirrors.aliyun.com/repo/debian6-lts.list
    apt-get update
    apt-get install libc6

Debian 7

    apt-get update
    apt-get install libc6

OpenSUSE 13

    zypper refresh
    zypper update glibc*

Aliyun Linux 5u7

    wget -O /etc/yum.repos.d/aliyun-5.repo http://mirrors.aliyun.com/repo/aliyun-5.repo
    yum update glibc
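
Updating the package replaces the library on disk, but processes started before the update keep the old libc mapped until they are restarted, which is one reason to schedule the fix. The script below is an added example, not part of the original article: it lists such processes by looking for libc mappings marked "(deleted)" in /proc/<pid>/maps. The function names and the sample /proc tree are constructed for illustration, and the check assumes the package manager unlinked the old library file when installing the new one.

```shell
#!/bin/sh
# Added example: list processes that still map a libc file replaced on disk.
# Function names and the sample tree are constructed for illustration.

# Succeeds if the maps data (file argument or stdin) shows a libc mapping
# whose backing file was unlinked, e.g. ".../libc-2.12.so (deleted)".
maps_has_stale_libc() {
    grep -Eq '/libc(-[0-9.]+)?\.so[.0-9]* \(deleted\)$' "$@" 2>/dev/null
}

# Prints "pid<TAB>command" for every process under the given proc root
# (default /proc) that still needs a restart to pick up the new libc.
list_stale_processes() {
    proc_root=${1:-/proc}
    for dir in "$proc_root"/[0-9]*; do
        if maps_has_stale_libc "$dir/maps"; then
            printf '%s\t%s\n' "${dir##*/}" "$(cat "$dir/comm" 2>/dev/null)"
        fi
    done
}

# Builds a small /proc-like tree from constructed sample data (not captured
# from a real host) and prints its path. PID 101 maps the old libc, PID 202
# maps the current libc plus an unrelated deleted library.
make_sample_proc() {
    root=$(mktemp -d) || return 1
    mkdir "$root/101" "$root/202"
    echo sshd > "$root/101/comm"
    echo cron > "$root/202/comm"
    cat > "$root/101/maps" <<'EOF'
7f3a10000000-7f3a1018a000 r-xp 00000000 fd:01 1313 /lib64/libc-2.12.so (deleted)
7f3a10400000-7f3a10420000 r-xp 00000000 fd:01 1290 /lib64/ld-2.12.so (deleted)
EOF
    cat > "$root/202/maps" <<'EOF'
7f9b20000000-7f9b2018a000 r-xp 00000000 fd:01 2051 /lib64/libc-2.12.so
7f9b20600000-7f9b20650000 r-xp 00000000 fd:01 1400 /usr/lib64/libcrypto.so.1.0.1e (deleted)
EOF
    echo "$root"
}

# Scan the live system (run as root to see every process), or pass another
# proc root as the first argument.
list_stale_processes "${1:-/proc}"
```

Any process it prints should be restarted (or the host rebooted) before rerunning the ghost test to confirm the repair.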
- This article is from: Linux Learning Network
Serious security vulnerability detection and repair scheme for Linux glibc Library