• Skip to primary navigation
  • Skip to main content
  • Skip to footer
ControlCase No Tag LOGO md

ControlCase

IT Certifications, Continuous Compliance and Cybersecurity Services Provider

  • Company
    • About Us
    • Careers
    • Locations
    • Team
  • Industries
    • Business Process Outsourcing
    • Cloud Service Providers
    • Retail
    • Telecom | Entertainment
  • Certifications
    • PCI DSS Certification
    • CSA STAR Certification
    • GDPR Assessment
    • HIPAA Assessment
    • HITRUST Certification
    • ISO 27001 Certification
    • FedRAMP 3PAO Services and NIST 800-53
    • CMMC Compliance: NIST 800-171
    • MARS-E Assessment
    • P2PE Certification
    • PA DSS Certification
    • SOC2 Report
  • Solutions
    • Continuous Compliance Solution
    • One Audit
    • Card Data Discovery Software
    • Data Security Rating
  • Testing
    • Application Reviews
    • Application Security Training
    • Code Reviews
    • Card Data Discovery
    • External Vulnerability Scans
    • Firewall Security Reviews
    • Internal Vulnerability Scans
    • Log Monitoring
    • Penetration Testing
  • Resources
    • Events
    • News
    • Webinars
    • Courses
    • Newsletters
    • Blog
  • Contact Us

GHOST Vulnerability Advisory

You are here: Home / Newsletters / GHOST Vulnerability Advisory
ControlCase No Tag LOGO md

GHOST Vulnerability Advisory

This is a security advisory on the “GHOST Vulnerability (CVE-2015-0235).”

About the Vulnerability

The GHOST vulnerability is a serious weakness in the Linux “glibc library”. It allows attackers to remotely take complete control of the victim system.

GHOST is a ‘buffer overflow’ vulnerability affecting the gethostbyname() and gethostbyname2() function calls in the glibc library. This vulnerability allows a remote attacker that is able to make an application call to either of these functions to execute arbitrary code with the permissions of the user running the application.

The first vulnerable version of the GNU C Library affected by this vulnerability is glibc-2.2, released on November 10, 2000. The vulnerability was fixed on May 21, 2013 (between the releases of glibc-2.17 and glibc-2.18). Unfortunately, it was not recognized as a security threat; as a result, most stable and long-term-support distributions were left exposed.

Affected Distributions

  • RHEL (Red Hat Enterprise Linux) version 5.x, 6.x and 7.x
  • CentOS Linux version 5.x, 6.x & 7.x
  • Ubuntu Linux version 10.04, 12.04 LTS
  • Debian Linux version 7.x
  • Linux Mint version 13.0
  • Fedora Linux version 19 or older
  • SUSE Linux Enterprise 11 and older (also OpenSuse Linux 11 or older versions).
  • SUSE Linux Enterprise Software Development Kit 11 SP3
  • SUSE Linux Enterprise Server 11 SP3 for VMware
  • SUSE Linux Enterprise Server 11 SP3
  • SUSE Linux Enterprise Server 11 SP2 LTSS
  • SUSE Linux Enterprise Server 11 SP1 LTSS
  • SUSE Linux Enterprise Server 10 SP4 LTSS
  • SUSE Linux Enterprise Desktop 11 SP3
  • Arch Linux glibc version <= 2.18-1

How ControlCase CaaS Customers can request a test for GHOST Vulnerability

ControlCase Compliance as a Service (CaaS) customers can request “GHOST Vulnerability Scan” by using the following steps:

    1. Login to IT GRC portal
    2. Click “Internal VA Scan Form” link on the dashboard

34b56973-e5cc-406d-bb85-6e4bd24dda16

    1. Fill the Internal VA Scan form with all the details and mention “GHOST Vulnerability Scan” before filling Internal IP addresses against #6

2ee873e2-dec3-4170-b8f0-f0a5f021734e

    1. Once form is filled completely, click Notify button on top right corner

737c1035-cb85-4c78-a695-131d6153e12b

Pre-Requisites for GHOST Vulnerability Scan

Following are the pre-requisites to perform the successful GHOST vulnerability scan:

  • SSH access to the targeted scope for ControlCase Appliance IP Address
  • Root or root equivalent credentials to perform the scan (information shall be shared via ControlCase Secure Portal)

How to test if you are vulnerable

The easiest way to check vulnerability and/or confirm remediation is to run the following command to verify that you are running an updated version of glibc (v2.20) $ ldd -version

How to fix

Ubuntu: https://launchpad.net/ubuntu/+source/eglibc

Debian: https://security-tracker.debian.org/tracker/CVE-2015-0235

Oracle Enterprise Linux: https://oss.oracle.com/pipermail/el-errata/2015-January/004810.html

CentOS: http://lists.centos.org/pipermail/centos-announce/2015-January/020906.html

OpenSUSE: http://lists.opensuse.org/opensuse-updates/2015-01/msg00085.html

References

http://www.cyberciti.biz/faq/cve-2015-0235-patch-ghost-on-debian-ubuntu-fedora-centos-rhel-linux/

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235

http://seclists.org/oss-sec/2015/q1/274

http://www.gnu.org/software/libc/

About Us

ControlCase is a global provider of technology-driven compliance and security solutions. ControlCase is committed to partnering with clients to develop strategic information security and compliance programs that are simplified, cost effective and comprehensive in both on-premise and cloud environments.

ControlCase provides the best experts, customer experience and technology for regulations including PCI DSS, GDPR, SOC1, SOC2, SOC3, HIPAA/HITRUSTâ„¢, ISO 27001/2, SSAE16, PIPEDA, FERC/NERC, Sarbanes Oxley (SOX), GLBA, CoBIT, BITS FISAP and EI3PA.

https://www.controlcase.com


  • Facebook
  • LinkedIn
  • Twitter
  • YouTube

Footer

Connect

Corporate Headquarters
12015 Lee Jackson Memorial Hwy, Suite 520, Fairfax, VA 22033

Send us a message

Call Us

About Us

ControlCase is a United States based company, headquartered in Fairfax, Virginia with locations in North America, Europe, Latin America, Asia/Pacific and the Middle East to serve our clients globally.

Quick Links

  • Company
  • Team
  • Careers
  • Locations
  • Covid-19 Notice

Certifications, Assessments and Reports

  • PCI DSS Certification
  • CSA STAR Certification
  • GDPR Assessment
  • HIPAA Assessment
  • HITRUST Certification
  • ISO 27001 Certification
  • FedRAMP and 3PAO Services
  • MARS-E Assessment
  • P2PE Certification
  • PA DSS Certification
  • SOC2 Report

© ControlCase LLC 2023 | Privacy Policy | Impartiality Statement | Legal Notices