GLIBC GHOST :: glibc vulnerability (CVE-2015-0235)
Recently, an another vulnerability found in “Glibc” under CVE-2015-0235. This vulnerability allows a remote attacker that is able to make an application call to either of these functions to execute arbitrary code with the permissions of the user running the application.
Why the name GHOST?
It’s not a GHOST 🙂 GHOST is a ‘buffer overflow’ bug affecting the gethostbyname() and gethostbyname2() function calls in the glibc library.
Update the Glibc version by using YUM. Here is the command:
yum update glibc
For CloudLinux 5 : glibc-2.5-123.el5_11.1
For CloudLinux 6 : glibc-2.12-1.149.el6_6.5
Then restart the services which using this funtions.
Exim, Apache, LiteSpeed, Nginx, cPanel, PostgreSQL, OpenSSH, Postfix/sendmail etc
Or reboot the server.