GHOST vulnerability inwards the GNU C library (glibc) — a widely used cistron of well-nigh Linux distributions, safety researchers convey discovered that PHP applications, including the WordPress Content Management System (CMS), could besides endure affected past times the bug.
"GHOST" is a serious vulnerability (CVE-2015-0235), announced this calendar week past times the researchers of California-based safety trace solid Qualys, that involves a heap-based buffer overflow inwards the glibc component division cite - "GetHOSTbyname()." Researchers said the vulnerability has been introduce inwards the glibc code since 2000.
Though the major Linux distributors such equally Red Hat, Debian and Ubuntu, convey already updated their software against the flaw, GHOST could endure used past times hackers against exclusively a handful of applications currently to remotely run executable code too silently arrive at command of a Linux server.
As nosotros explained inwards our previous article, heap-based buffer overflow was works life inwards __nss_hostname_digits_dots() function, which is peculiarly used past times the gethostbyname() too gethostbyname2() glibc component division call.
Since, PHP applications including WordPress besides utilization the gethostbyname() component division wrapper, the conduct chances of the critical vulnerability becomes higher fifty-fifty afterward many Linux distributions issued fixes.
GHOST - BIG ISSUE FOR WORDPRESS
According to the Sucuri researcher Marc-Alexandre Montpas, GHOST vulnerability could endure a big number for WordPress CMS, equally it uses wp_http_validate_url() component division to validate every pingback shipping service URL.
"....And it does therefore past times using gethostbyname()," wrote Montpas inwards an advisory published Wednesday. "So an aggressor could leverage this vector to insert a malicious URL that would trigger a buffer overflow bug, server-side, potentially allowing him to arrive at privileges on the server."
The vulnerability affects all versions of glibc from glibc-2.17 too lower. However, it was patched inwards glibc-2.18 inwards May 2013, but was non marked equally a safety vulnerability therefore the ready did non give-up the ghost far into many mutual Linux distributions similar RedHat too Ubuntu.
HOW TO CHECK YOUR SYSTEM AGAINST GHOST FLAW
"This is a really critical vulnerability too should endure treated equally such," Montpas said. "If you lot convey a dedicated server (or VPS) running Linux, you lot convey to brand certain you lot update it correct away."
Sucuri besides provided the next exam PHP code, which an admin tin run on their server terminal. If the code returns a partition fault, too therefore your Linux server is vulnerable to the GHOST vulnerability.
php -r '$e="0″;for($i=0;$i<2500;$i++){$e="0$e";} gethostbyname($e);' Segmentation fault
HOW TO PROTECT
Until now, Debian 7, Red Hat Enterprise Linux half dozen too 7, CentOS half dozen too vii too Ubuntu 12.04 convey released software updates. So users of higher upwardly Linux distributions are recommended to spell their systems, followed past times a organization reboot, equally before long equally possible.
- Disable XML-RPC
- Disable Pingback Requests
add_filter( 'xmlrpc_methods' , function( $methods' ) { unset( $methods[ 'pingback.ping ] ); return $methods; } );
SUBSCRIBE to Our Newsletter
Sign up here with your email address to receive updates from this blog in your inbox.
Pilih Sistem Komentar