Jan 29 |
GHOST Security Issue in Linux
Posted by Jeff H. on 29 January 2015 04:31 PM |
GHOST Exploit UpdateIf you have a management subscription with us, we have already patched your server. With our automation framework, most systems receive security patches within hours of their release.
cPanel's EximIn the proof of concept data released by Qualys they mention that Exim, which is used by cPanel, is vulnerable. This only appeared to be an issue with certain scripting conditions enabled. We have restarted Exim to assure that it is using the patched glibc. Reboot Needed?At this time, we do not see a need for a full server reboot. While many programs use glibc, the exploit impacts a specific hostname function. This function must be used in a specific way within the application. At the time of this update, most services used on hosting systems are not impacted. As a precaution, we have restarted some key services.
If any changes emerge or significant security issue develops, we will update our news.
Questions?If you have a question about GHOST, please open a low priority ticket. If you have a security issue, GHOST is unlikely the cause. In more than 98% of all security incidents we investigate, outdated web application software or poor PHP programming is the cause of the security breach.
| |