[NBLUG/talk] GHOST: glibc gethostbyname buffer overflow
Eric Eisenhart
eric at nblug.org
Tue Jan 27 14:32:55 PST 2015
RHEL has an update out.
https://rhn.redhat.com/errata/RHSA-2015-0090.html
https://rhn.redhat.com/errata/RHSA-2015-0092.html
Note that you need to reboot after updating glibc.
Well, technically instead of rebooting, you could do something like "lsof |
grep lib | grep DEL" to find everything using old version of libraries that
have been updated, and restart anything that could be persuaded into doing
a DNS lookup (anything accessible to the world). But, really, there's so
many things that you're probably better off just rebooting.
On Tue Jan 27 2015 at 2:24:49 PM Omar Eljumaily <omar at omnicode.com> wrote:
> Good 'ol RHEL/Centos still seems to be vulnerable.
>
> On 1/27/2015 2:08 PM, gandalf at sonic.net wrote:
> > http://www.openwall.com/lists/oss-security/2015/01/27/9
> >
> > _______________________________________________
> > talk mailing list
> > talk at nblug.org
> > http://nblug.org/cgi-bin/mailman/listinfo/talk
>
> _______________________________________________
> talk mailing list
> talk at nblug.org
> http://nblug.org/cgi-bin/mailman/listinfo/talk
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nblug.org/pipermail/talk/attachments/20150127/4825231a/attachment.html>
More information about the talk
mailing list