Article ID: 54054
Article Type: Troubleshooting
Last Modified:
The GHOST vulnerability in Linux operating systems can allow a remote attacker to execute arbitrary code
The GHOST (CVE-2015-0235) vulnerability, which may be invoked directly or indirectly on computers with a Linux operating system, allows a remote attacker to make an application call that executes arbitrary code.
The GHOST (CVE-2015-0235) vulnerability is a 'buffer overflow' bug affecting the glibc library functions gethostbyname() and gethostbyname2(). This vulnerability allows a remote attacker to use either of these functions to execute arbitrary code with the permissions of the user running the application. Any application performing DNS resolution using these two function calls in the glibc library is affected.
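To see which installed programs reference these two functions, the following added example (not part of the original article or of any vendor tooling) scans ELF files for the function names as NUL-terminated string-table entries. It is a heuristic byte match rather than a full symbol-table parse, so it also flags the C library itself; the names `ghost_imports` and `scan_tree`, the constructed sample byte strings and the default path `/usr/sbin` are assumptions made for illustration.

```python
import os
import sys

# The two glibc functions named in the advisory. ELF string tables store
# symbol names NUL-terminated, so gethostbyname_r does not match gethostbyname.
TARGETS = (b"gethostbyname", b"gethostbyname2")
ELF_MAGIC = b"\x7fELF"


def ghost_imports(data):
    """Return the affected function names referenced by an ELF image."""
    if not data.startswith(ELF_MAGIC):
        return []  # scripts, text and other non-ELF files are ignored
    return [t.decode() for t in TARGETS if b"\x00" + t + b"\x00" in data]


def scan_tree(root):
    """Walk root and map each regular ELF file to the affected names it references."""
    hits = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not os.path.isfile(path):
                continue
            try:
                with open(path, "rb") as fh:
                    found = ghost_imports(fh.read())
            except OSError:
                continue  # unreadable file: skip it, do not abort the scan
            if found:
                hits[path] = found
    return hits


# Constructed sample images (not real binaries) for a quick self-check.
SAMPLE_AFFECTED = ELF_MAGIC + b"\x02\x01\x01\x00libc.so.6\x00gethostbyname\x00socket\x00"
SAMPLE_REENTRANT = ELF_MAGIC + b"\x02\x01\x01\x00libc.so.6\x00gethostbyname_r\x00"
SAMPLE_SCRIPT = b"#!/bin/sh\n# gethostbyname\n"

if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "/usr/sbin"  # assumed default
    for path, names in sorted(scan_tree(root).items()):
        print(path, ",".join(names))
```

A listed program is only a candidate for review: whether it is exposed depends on the glibc build it loads at run time, so the list is best used to decide which services to check after the library is updated.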
All customers are urged to immediately take the following steps for any computers running Linux:
Additionally, for virtual environments with File Recovery Enabler for Linux installed, we recommend you do either of the following:
To install a new File Recovery Enabler for Linux, download the patched version, FBRTemplate64.ova - File Recovery Enabler for Linux (FRE) with SP9 (patched for GHOST & NTP vulnerabilities) from the Cloud Services site or from Maintenance Advantage. (For detailed instructions, see Deploying the File Recovery Enabler.)
For more information about accessing the Cloud Services website, see Software Store.
For more information on this vulnerability and vendor instructions, see:
Red Hat bug advisory: https://access.redhat.com/articles/1332213
SLES bug advisory: https://www.novell.com/support/kb/doc.php?id=7016113
How to fix the problem on various Linux distros: https://www.digitalocean.com/community/tutorials/how-to-protect-your-linux-server-against-the-ghost-vulnerability