{"id":1883,"date":"2015-01-31T00:09:56","date_gmt":"2015-01-30T16:09:56","guid":{"rendered":"http:\/\/ixyzero.com\/blog\/?p=1883"},"modified":"2015-01-31T00:09:56","modified_gmt":"2015-01-30T16:09:56","slug":"%e5%a6%82%e4%bd%95%e6%a3%80%e6%9f%a5%e5%b9%b6%e4%bf%ae%e5%a4%8dghostcve-2015-0235%e6%bc%8f%e6%b4%9e","status":"publish","type":"post","link":"https:\/\/ixyzero.com\/blog\/archives\/1883.html","title":{"rendered":"\u5982\u4f55\u68c0\u67e5\u5e76\u4fee\u590dGHOST(CVE-2015-0235)\u6f0f\u6d1e"},"content":{"rendered":"

\u524d\u51e0\u5929\uff082015-1-27\uff09\u53c8\u7206\u51fa\u4e86\u91cd\u5927\u6f0f\u6d1e\u2014\u2014\u7f16\u53f7CVE-2015-0235\u7684GHOST\uff08\u5e7d\u7075\uff09\u6f0f\u6d1e\uff0c\u662f\u7531Qualys\u7684\u7814\u7a76\u5458\u53d1\u73b0\u7684\u4e00\u4e2aLinux\u7cfb\u7edf\u4e0a\u975e\u5e38\u4e25\u91cd\u7684\u5b89\u5168\u6f0f\u6d1e\uff0c\u53ef\u4ee5\u88ab\u5229\u7528\u6765\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u53ca\u672c\u5730\u6743\u9650\u63d0\u5347\u3002<\/p>\n

\u8be6\u7ec6\u7684\u5185\u5bb9<\/a>\u5c31\u4e0d\u591a\u8bf4\u4e86\uff0c\u7f51\u4e0a\u5df2\u7ecf\u6709\u5f88\u591a\u8bf4\u660e\uff0c\u8fd9\u91cc\u53ea\u60f3\u8868\u8fbe\uff1a\u8fd9\u4e2a\u6f0f\u6d1e\u7684\u5371\u5bb3\u6027\u975e\u5e38\u5927\uff0c\u9700\u8981\u53ca\u65f6\u4fee\u590d\uff0c\u4ee5\u53ca\u5982\u4f55\u68c0\u67e5\u81ea\u5df1\u7684Linux\u4e3b\u673a\uff08\u5305\u62ecVPS\uff09\u662f\u5426\u5b58\u5728\u8fd9\u4e2a\u6f0f\u6d1e\u4ee5\u53ca\u5982\u4f55\u4fee\u590d\uff1f<\/p>\n

\u4e0b\u9762\u662f\u51e0\u4e2a\u53d7\u5f71\u54cd\uff08\u53ef\u80fd\u5b58\u5728\u6f0f\u6d1e\uff09\u7684\u670d\u52a1\/\u5e94\u7528\uff1a<\/h6>\n
\n

procmail
\nExim
\npppd
\nclockdiff<\/p>\n<\/blockquote>\n

\u4f60\u4e5f\u53ef\u4ee5\u7528\u4e0b\u9762\u547d\u4ee4\u6765\u67e5\u770b\u4f60\u7684\u670d\u52a1\u5668\u4e0a\u6709\u54ea\u4e9b\u670d\u52a1\u4f9d\u8d56 glibc \uff1a<\/p>\n

# lsof | grep libc | awk '{print $1}' | sort | uniq<\/pre>\n
\u4f60\u53ef\u4ee5\u7528\u4e0b\u9762\u7684\u547d\u4ee4\u6d4b\u8bd5\u4f60\u7684\u7cfb\u7edf\u662f\u5426\u5b58\u5728\u6b64\u6f0f\u6d1e\uff1a<\/p>\n
$ php -r '$e=\"0\";for($i=0;$i<2500;$i++){$e=\"0$e\";} gethostbyname($e);'<\/pre>\n
\u5982\u679c\u8fd4\u56de Segmentation fault \uff0c\u8bf4\u660e\u5b58\u5728\u6f0f\u6d1e\uff0c\u6b64\u65f6\uff0c\u4f60\u9700\u8981\u53ca\u65f6\u4fee\u590d\u3002\u4e0b\u9762\u662f\u5404\u4e2a\u7cfb\u7edf\u7684\u5347\u7ea7(\u4fee\u590d)\u65b9\u6cd5\uff08yum\/apt-get\uff09\uff1a<\/p>\n
Centos\/RHEL\/Fedora 5,6,7 \u7cfb\u7edf<\/h6>\n
$ sudo yum update glibc\n$ sudo restart<\/pre>\n
Debian\/Ubuntu \u7cfb\u7edf<\/h6>\n
$ sudo apt-get update\n$ sudo apt-get dist-upgrade\n$ sudo restart  # sudo shutdown -r now<\/pre>\n
 <\/p>\n
\u53c2\u8003\u94fe\u63a5\uff1a<\/h6>\n