RSS Feed
News
Jan
29
GHOST Security Issue in Linux
Posted by Jeff H. on 29 January 2015 04:31 PM

GHOST Exploit Update

If you have a management subscription with us, we have already patched your server.   With our automation framework, most systems receive security patches within hours of their release.

 

cPanel's Exim

In the proof of concept data released by Qualys they mention that Exim, which is used by cPanel, is vulnerable.  This only appeared to be an issue with certain scripting conditions enabled.  We have restarted Exim to assure that it is using the patched glibc.

Reboot Needed?

At this time, we do not see a need for a full server reboot.  While many programs use glibc, the exploit impacts a specific hostname function.  This function must be used in a specific way within the application. 

At the time of this update, most services used on hosting systems are not impacted.   As a precaution, we have restarted some key services.

 

If any changes emerge or significant security issue develops, we will update our news.

 

Questions?

If you have a question about GHOST, please open a low priority ticket.  If you have a security issue, GHOST is unlikely the cause.  In more than 98% of all security incidents we investigate, outdated web application software or poor PHP programming is the cause of the security breach.

 

 

 

 

 

 


Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments:
CAPTCHA Verification 
 
Please enter the text you see in the image into the textbox below (we use this to prevent automated submissions).