[amres-info] GHOST (CVE-2015-0235) ranjivost na Linux OS
Miloš Kukoleča
milos.kukoleca at amres.ac.rs
Wed Jan 28 15:15:27 CET 2015
Poštovane koleginice i kolege,
Kao što vas je kolega Ratko Bučić već obavestio pojavila se nova ranjivost u
GLIBC bibliotekama na svim važnijim Linux distribucijama (CVE-2015-0235).
Veliki broj servisa na Linux serverima koristi ove bilbioteke što ih čini
potencijalno ranjivim na napade. Koristeći "gethostbyname" funkcije u GLBIC
bibliotekama, napadač može izvršiti tzv. "buffer overflow" napad i potom
doći u poziciju da izvršava proizvoljne skripte na udaljenom Linux serveru.
Molimo vas da proverite vaše Linux servere i ažurirate GLIBC bibliotečki
paket budući da su sve važnije distribucije izdale najnoviju zakrpu. U
nastavku vas upućujemo na odgovarajuće linkove za pojedinačne distribucije.
RedHat operativni sistem:
https://access.redhat.com/articles/1332213
CentOS 5 operativni sistem:
http://lists.centos.org/pipermail/centos-announce/2015-January/020906.html
CentOS 6 operativni sistem:
http://lists.centos.org/pipermail/centos-announce/2015-January/020907.html
CentOS 7 operativni sistem:
http://lists.centos.org/pipermail/centos-announce/2015-January/020908.html
Debian operativni sistem:
https://security-tracker.debian.org/tracker/CVE-2015-0235
Ubuntu operativni sistem:
http://www.ubuntu.com/usn/usn-2485-1/
Srdačan pozdrav,
AMRES CSIRT tim
Description: bplogo
Akademska mreža Republike Srbije
Bulevar Kralja Aleksandra 90, 11000 Beograd, Srbija
Tel: +381 11 7158 942
Fax: +381 11 3370 288
Email <mailto:csirt at amres.ac.rs> csirt at amres.ac.rs
Internet: <http://www.amres.ac.rs/> http://www.amres.ac.rs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://afrodita.rcub.bg.ac.rs/pipermail/amres-info/attachments/20150128/19ad5662/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 3571 bytes
Desc: not available
Url : http://afrodita.rcub.bg.ac.rs/pipermail/amres-info/attachments/20150128/19ad5662/attachment.gif
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6819 bytes
Desc: not available
Url : http://afrodita.rcub.bg.ac.rs/pipermail/amres-info/attachments/20150128/19ad5662/attachment.bin
More information about the amres-info
mailing list