Thursday, January 29, 2015

GHOST Vulnerability check and fix for Debian 6 or 7

More info on the GHOST vulnerability by Qualys | More from Debian’s security tracker here

IMPORTANT

  • USE THIS GUIDE AT YOUR OWN RISK; we are not responsible for any broken apps/programs, etc.
  • We do not know the full extent of the vulnerability/fixes; this is from best knowledge and effort. You are advised to do your own research too and not rely completely on the steps below. Some of these methods are also described in many online articles; I put them together mainly for our customers and people using Deb6/7.
  • This article is meant to be performed by those who have sufficient knowledge of these apps/software.
  • Please read more articles and follow online security resources for updates, should there be any.

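Check for vulnerability to GHOST by running the following (the checker source is downloaded with certificate checking disabled, so read gistfile1.c before compiling it):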

1) wget http://goo.gl/MgtleY --no-check-certificate -O gistfile1.c
2) gcc gistfile1.c -o GCHECKER
3) ./GCHECKER

To check which services/software are probably vulnerable (so you can restart the affected services instead of rebooting):
1) lsof | grep libc | awk '{print $1}' | sort | uniq

Fix for Debian 6 Squeeze

1) Add the following repos to /etc/apt/sources.list (adding them at the end is fine)
deb http://http.debian.net/debian/ squeeze-lts main contrib non-free
deb-src http://http.debian.net/debian/ squeeze-lts main contrib non-free

2) apt-get update

3) apt-get install libc6

4) Reboot (I didn’t have to reboot; some say to reboot, some say just restart services that use glibc/libc6)

5) Check again as shown above to verify.

Fix for Debian 7 Wheezy

1) apt-get update

2) apt-get install libc6

3) Reboot (I didn’t have to reboot; some say to reboot, some say just restart services that use glibc/libc6)

4) Check again as shown above to verify.
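
An added example, not part of the original guide: after the libc6 upgrade, this script lists only the processes that still map the old, replaced libc, which are the ones to restart if you skip the reboot. The function name stale_libc_procs and its optional proc-root argument are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original guide): list processes that still map
# the OLD libc after "apt-get install libc6" has replaced it on disk.
# Run as root so every process's maps file is readable.

# stale_libc_procs [PROC_ROOT]
# PROC_ROOT is an assumption of this example (default /proc) so the function
# can be pointed at a constructed directory tree for testing.
stale_libc_procs() {
    proc_root="${1:-/proc}"
    for maps in "$proc_root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue          # process exited or glob unmatched
        pid_dir="${maps%/maps}"
        pid="${pid_dir##*/}"
        # When dpkg replaces the library file the old inode is unlinked and
        # the kernel marks the mapping "(deleted)". Match libc-2.13.so or
        # libc.so.6 only, not libcrypto, libcap, libcom_err, ... which a
        # plain "grep libc" also hits.
        if grep -Eq '/libc(-[0-9.]+)?\.so[^ ]* \(deleted\)$' "$maps" 2>/dev/null; then
            # /proc/PID/status carries a Name: line on old and new kernels.
            name=$(awk '/^Name:/ { print $2; exit }' "$pid_dir/status" 2>/dev/null)
            printf '%s %s\n' "$pid" "${name:-?}"
        fi
    done
}

# Print "PID NAME" for each process to restart; no output means none are left.
stale_libc_procs "${1:-/proc}"
```
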


All the best, and do advise if you find problems or have suggestions to improve the guide above.

Thanks!