CVE-2015-0235 – Ghost Vulnerability
Post applies to Exadata, Exalogic and Exalytics.
Here is a script to check whether a system is vulnerable to the GHOST security vulnerability.
######### testghost.sh #########
/usr/sbin/clockdiff `python -c "print('0' * $((0x10000 - 16 * 1 - 2 * 4 - 1 - 4)))"`
echo $?
php -r '$e = "0";for($i = 0; $i < 2500; $i++){ $e = "0$e"; } gethostbyname($e);'
echo $?
###############################
Note: If the first set gives "Segmentation fault" and second returns "139", then the vulnerability is present in glibc.
###########################################
[root@server-name ~]# sh testghost.sh
clockdiff: ebs-template: my host not found
1
testghost.sh: line 4: 17976 Segmentation fault php -r '$e = "0";for($i = 0; $i < 2500; $i++){ $e = "0$e"; } gethostbyname($e);'
139
[root@ebs-template ~]#
###########################################
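The script above detects the bug by crashing clockdiff or php. As an added example (not part of the original post or of any Oracle note), the C program below checks the same glibc code path without a crash: it calls gethostbyname_r with an all-digit name and a buffer followed by a canary, then looks at whether the canary survived. The names `ghost_check`, `probe` and `CANARY` are made up for this example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <netdb.h>
#include <stdio.h>
#include <string.h>

#define CANARY "canary-must-survive"

/* Lookup buffer with a canary placed directly behind it. */
static struct {
    char buffer[1024];
    char canary[sizeof(CANARY)];
} probe;

/* Returns 1 if the canary was overwritten (vulnerable glibc),
 * 0 if glibc rejected the undersized buffer with ERANGE (fixed),
 * -1 if the result is inconclusive. */
int ghost_check(void)
{
    struct hostent resbuf, *result = NULL;
    int herr = 0;
    char name[sizeof(probe.buffer)];
    /* All-digit name sized so that the name plus the address
     * bookkeeping fills the buffer exactly when the alias pointer
     * is left out of the size calculation. */
    size_t len = sizeof(probe.buffer) - 16 - 2 * sizeof(char *) - 1;

    memset(probe.buffer, 0, sizeof(probe.buffer));
    memcpy(probe.canary, CANARY, sizeof(CANARY));
    memset(name, '0', len);
    name[len] = '\0';

    int rc = gethostbyname_r(name, &resbuf, probe.buffer,
                             sizeof(probe.buffer), &result, &herr);

    /* A write past the end of buffer lands in the canary. */
    if (memcmp(probe.canary, CANARY, sizeof(CANARY)) != 0)
        return 1;
    return rc == ERANGE ? 0 : -1;
}

int main(void)
{
    int r = ghost_check();
    puts(r == 1 ? "vulnerable" : r == 0 ? "not vulnerable" : "inconclusive");
    return r == 0 ? 0 : 1;
}
```

Build it with `gcc` on the host being checked and run it before and after applying the patch. Processes that loaded the old glibc before patching keep using it until they are restarted.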
MOS documents to address the vulnerability
Exalogic : CVE-2015-0235 – Ghost Vulnerability – Patch Availability for Oracle Exalogic Linux Physical and Virtual Racks (Doc ID 1965975.1)
Exalytics : CVE-2015-0235 AKA “Ghost” vulnerability in glibc – Patch Availability Document for Oracle Exalytics Linux Physical and Virtual systems (Doc ID 1966284.1)
Exadata : glibc vulnerability (CVE-2015-0235) patch availability for Oracle Exadata Database Machine (Doc ID 1965525.1)