Jump to content

Like, zoinks! Linux Ghost Vulnerability

DevilishBooster
By DevilishBooster
in Tech News
 Share
Posted

Like, zoinks!! A G-G-G-GHOST!!!!!

A vulnerability (and repair codes) has been discovered in all year 2000+ Linux operating systems that opens you up to hackers. 

"A critical vulnerability called GHOST has been found in glibc, the GNU C library, which affects all Linux systems dating back to 2000. Attackers can use this flaw to execute code and remotely gain control of Linux machines. The CVE code of GHOST is CVE-2015-0235."

http://www.cmcm.com/blog/en/security/2015-01-28/536.html

http://www.zdnet.com/article/critical-linux-security-hole-found/

http://www.pcworld.com/article/2876572/ghost-vulnerability-poses-high-risk-to-linux-distributions.html

END OF LINE

-- Project Deep Freeze Build Log --

Quote me so that I always know when you reply, feel free to snip if the quote is long. May your FPS be high and your temperatures low.

Link to comment
https://linustechtips.com/topic/299785-like-zoinks-linux-ghost-vulnerability/
Share on other sites
Link to post
Share on other sites
Posted

Interesting...

(wtf does that mean)

I'm not SAV1OUR. I promise. | Number of successfully bricked phones: 1 Samsung Galaxy S5 | 01001001 01110100 00100000 01110111 01100001 01110011 00100000 01100001 01101100 01101100 00100000 01100001 01101110 00100000 01100101 01101100 01100001 01100010 01101111 01110010 01100001 01110100 01100101 00100000 01110010 01110101 01110011 01100101 00101110

Link to post
Share on other sites
Posted
  • Author

Interesting...

(wtf does that mean)

From my understanding (which is admittedly very little since I am just starting with Linux systems) it means that it creates an extremely easy backdoor access into what ever device you have that is Linux based. Hopefully a much more experienced Linux user can clarify.

END OF LINE

-- Project Deep Freeze Build Log --

Quote me so that I always know when you reply, feel free to snip if the quote is long. May your FPS be high and your temperatures low.

Link to post
Share on other sites
Posted

-snip-

Why does it exist? I mean, how come it wasn't found earlier? Get some super duper security hackers to test it all the time so this kind of thing doesn't happen anymore. Or at least it will be found faster instead of 5 years later when attackers have had time to take advantage of it.

I'm not SAV1OUR. I promise. | Number of successfully bricked phones: 1 Samsung Galaxy S5 | 01001001 01110100 00100000 01110111 01100001 01110011 00100000 01100001 01101100 01101100 00100000 01100001 01101110 00100000 01100101 01101100 01100001 01100010 01101111 01110010 01100001 01110100 01100101 00100000 01110010 01110101 01110011 01100101 00101110

Link to post
Share on other sites
Posted
  • Author

Why does it exist? I mean, how come it wasn't found earlier? Get some super duper security hackers to test it all the time so this kind of thing doesn't happen anymore. Or at least it will be found faster instead of 5 years later when attackers have had time to take advantage of it.

It was found back in 2013 and fixed, but it wasn't recognized as a security risk until just now so most systems are still open to it.

"The bug first appeared in glibc in 2000. It actually was fixed on May 21, 2013, in between versions 2.17 and 2.18, Qualys CTO Wolfgang Kandek wrote in a blog post.

 

But at the time, the flaw wasn’t recognized as a security risk, Kandek wrote. Most stable and long-term support Linux distributions weren’t immediately modified, including Debian 7, Red Hat Enterprise Linux 6 and 7, CentOS 6 and 7 and Ubuntu 12.04."

END OF LINE

-- Project Deep Freeze Build Log --

Quote me so that I always know when you reply, feel free to snip if the quote is long. May your FPS be high and your temperatures low.

Link to post
Share on other sites
Posted

Why does it exist? I mean, how come it wasn't found earlier? Get some super duper security hackers to test it all the time so this kind of thing doesn't happen anymore. Or at least it will be found faster instead of 5 years later when attackers have had time to take advantage of it.

Who will do it? If you're that super-duper of a security hacker, you won't have the time to test it all the time, you'll be busy with work and regular life. You also can't support yourself if you devote yourself full-time to the job, because it doesn't pay well.

I do not feel obliged to believe that the same God who has endowed us with sense, reason and intellect has intended us to forgo their use, and by some other means to give us knowledge which we can attain by them. - Galileo Galilei
Build Logs: Tophat (in progress), DNAF | Useful Links: How To: Choosing Your Storage Devices and Configuration, Case Study: RAID Tolerance to Failure, Reducing Single Points of Failure in Redundant Storage , Why Choose an SSD?, ZFS From A to Z (Eric1024), Advanced RAID: Survival Rates, Flashing LSI RAID Cards (alpenwasser), SAN and Storage Networking

Link to post
Share on other sites
Posted

It was found back in 2013 and fixed, but it wasn't recognized as a security risk until just now so most systems are still open to it.

"The bug first appeared in glibc in 2000. It actually was fixed on May 21, 2013, in between versions 2.17 and 2.18, Qualys CTO Wolfgang Kandek wrote in a blog post.

 

But at the time, the flaw wasn’t recognized as a security risk, Kandek wrote. Most stable and long-term support Linux distributions weren’t immediately modified, including Debian 7, Red Hat Enterprise Linux 6 and 7, CentOS 6 and 7 and Ubuntu 12.04."

 

So I'm guessing it's safe to assume this is not an issue (has been fixed) on all newer versions of those distributions listed? (ie: Ubuntu 14.04 etc.)

My Systems:

Main - Work + Gaming:

Spoiler

Woodland Raven: Ryzen 2700X // AMD Wraith RGB // Asus Prime X570-P // G.Skill 2x 8GB 3600MHz DDR4 // Radeon RX Vega 56 // Crucial P1 NVMe 1TB M.2 SSD // Deepcool DQ650-M // chassis build in progress // Windows 10 // Thrustmaster TMX + G27 pedals & shifter

F@H Rig:

Spoiler

FX-8350 // Deepcool Neptwin // MSI 970 Gaming // AData 2x 4GB 1600 DDR3 // 2x Gigabyte RX-570 4G's // Samsung 840 120GB SSD // Cooler Master V650 // Windows 10

 

HTPC:

Spoiler

SNES PC (HTPC): i3-4150 @3.5 // Gigabyte GA-H87N-Wifi // G.Skill 2x 4GB DDR3 1600 // Asus Dual GTX 1050Ti 4GB OC // AData SP600 128GB SSD // Pico 160XT PSU // Custom SNES Enclosure // 55" LG LED 1080p TV  // Logitech wireless touchpad-keyboard // Windows 10 // Build Log

Laptops:

Spoiler

MY DAILY: Lenovo ThinkPad T410 // 14" 1440x900 // i5-540M 2.5GHz Dual-Core HT // Intel HD iGPU + Quadro NVS 3100M 512MB dGPU // 2x4GB DDR3L 1066 // Mushkin Triactor 480GB SSD // Windows 10

 

WIFE'S: Dell Latitude E5450 // 14" 1366x768 // i5-5300U 2.3GHz Dual-Core HT // Intel HD5500 // 2x4GB RAM DDR3L 1600 // 500GB 7200 HDD // Linux Mint 19.3 Cinnamon

 

EXPERIMENTAL: Pinebook // 11.6" 1080p // Manjaro KDE (ARM)

NAS:

Spoiler

Home NAS: Pentium G4400 @3.3 // Gigabyte GA-Z170-HD3 // 2x 4GB DDR4 2400 // Intel HD Graphics // Kingston A400 120GB SSD // 3x Seagate Barracuda 2TB 7200 HDDs in RAID-Z // Cooler Master Silent Pro M 1000w PSU // Antec Performance Plus 1080AMG // FreeNAS OS

 

Link to post
Share on other sites
Posted
  • Author

So I'm guessing it's safe to assume this is not an issue (has been fixed) on all newer versions of those distributions listed? (ie: Ubuntu 14.04 etc.)

The articles don't talk about v14.04 directly, but I would still check you system just in case because it says that most stable distributions were not immediately modified to correct the opening.

END OF LINE

-- Project Deep Freeze Build Log --

Quote me so that I always know when you reply, feel free to snip if the quote is long. May your FPS be high and your temperatures low.

Link to post
Share on other sites
Posted

But.. I don't want to go back to windows.. Please be fixed on fedora 21 please be fixed on fedora 21 please be fixed on fedora 21... I do my banking on this machine :/

 

Oh

 

For users who use CentOS, Red Hat, Fedora, Scientific Linux etc. Please enter:

$ yum clean all && yum update

I hope that fixes it

====>The car thread<====>Dark Souls thread<====>Placeholder<====
"Life is like a raging river, Its gonna get rough downstream. And people's gonna piss in it" 

"Who discovered we could get milk from cows, and what did he THINK he was doing at the time?"

Link to post
Share on other sites
Posted
  • Author

so im on ubuntu 14.04 and it only lists ubuntu 12 im safe right

I am not sure, but I don't think it affects 14.04. I am not really knowledgeable on Linux systems because I am just starting to look into using them. I would check to see if you use the glibc 2.2-2.17. Here is a quote from the first article.

"If you happen to be a geek who knows Linux very well, we suggest you enter these codes below ASAP to protect your system. Do not forget to restart your computer for the changes to take effect!

For users who use CentOS, Red Hat, Fedora, Scientific Linux etc. Please enter:

$ yum clean all && yum update

For users who use Debian, Ubuntu and other derived systems, please enter:

$ apt-get clean && apt-get update && apt-get upgrade

You can also update your system in the official GNU C Library website."

END OF LINE

-- Project Deep Freeze Build Log --

Quote me so that I always know when you reply, feel free to snip if the quote is long. May your FPS be high and your temperatures low.

Link to post
Share on other sites
Posted
  • Author

Thanks for the update!

END OF LINE

-- Project Deep Freeze Build Log --

Quote me so that I always know when you reply, feel free to snip if the quote is long. May your FPS be high and your temperatures low.

Link to post
Share on other sites
Posted

And I would have gotten away with it, if it weren't for you meddling kids!

 

On a serious note, this could mean a big scramble, considering the widespread use of Linux in everything.

"The unexamined life is not worth living" - Apology 38a, Socrates


 

Link to post
Share on other sites
Posted

And I would have gotten away with it, if it weren't for you meddling kids!

 

On a serious note, this could mean a big scramble, considering the widespread use of Linux in everything.

 

Even more serious if you take into account what I've posted above: PHP can be used to explore that vulnerability.

Keep in mind though, most servers have been patched, the issue is only servers that are not up to date in their patches (and since this is going on a year, those servers probably have other security issues to worry about).

15" MBP TB

AMD 5800X | Gigabyte Aorus Master | EVGA 2060 KO Ultra | Define 7 || Blade Server: Intel 3570k | GD65 | Corsair C70 | 13TB

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Tech News

×