Register Members List Search Today's Posts Mark Forums Read

Reply
 
Thread Tools
  #1  
Old 28 Jan 2015, 11:09
Dave Dave is offline
 
Join Date: Jun 2010
Real name: Dave
GHOST bug/exploit in Linux - Critical

http://arstechnica.com/security/2015...linux-systems/
http://www.zdnet.com/article/critica...ty-hole-found/

Basically this bug makes it possible to remotely gain access to a Linux server by exploiting this bug, although a service needs to be running on the server which uses the function that contains the bug, you never know what service/software uses this.
You can test if you're vulnerable with this http://security.stackexchange.com/a/80213

Be sure to patch your VPS/dedicated server. How to patch.
In case you use shared hosting, inform your host and ask them if they patched it or if they can patch it asap.
__________________
https://technidev.com - security, development, exploits, vBulletin
dave[at]technidev[dot]com

Contact me for custom vBulletin 3/4 work & server/website management.
Reply With Quote
  #2  
Old 30 Jan 2015, 18:35
Marv Marv is offline
 
Join Date: Jun 2002
This info should be somehow more prominent..
Reply With Quote
  #3  
Old 30 Jan 2015, 20:54
Lynne's Avatar
Lynne Lynne is offline
 
Join Date: Sep 2004
Real name: Lynne
I had actually asked my host about this the other day and had patched my site. But, they didn't tell me to do a reboot. I just now ran the test and it said I wasn't vulnerable. Then I checked to see if there were any dynamically linked programs still using the old version of glibc and I got a list of about 15 items. So, I rebooted and now I don't get any programs listed.

Anyway, thank you for posted that!
__________________
Former vBulletin.org Staff Member

Try a search before posting for help. Many users won't, and don't, help if the question has been answered several times before.
W3Schools -
Online vBulletin Manual
If I post some CSS and don't say where it goes, put it in the additional.css template.
I will NOT help via PM (you will be directed to post in the forums for help.)
Reply With Quote
  #4  
Old 30 Jan 2015, 22:22
Marv Marv is offline
 
Join Date: Jun 2002
Thanks for the heads up, Lynne. Hadnīt rebooted until I read your post
Reply With Quote
  #5  
Old 31 Jan 2015, 00:29
AusPhotography's Avatar
AusPhotography AusPhotography is offline
 
Join Date: Nov 2007
Real name: Rick-owner, Kym-admin
Not vulnerable here
__________________
www.AusPhotography.net.au a.k.a. AP is a photography forum where members share their photography, photo editing skills and techniques. We run regular photographic competitions; Rick (site owner) and Kym (site tech) using this account
*** Home of the AP fully comprehensive vb4 photographic competition management solution ***
Reply With Quote
  #6  
Old 31 Jan 2015, 03:14
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Real name: Paul M
Oh what fun ...... all my servers now patched.
__________________
Former vBulletin.org Staff Member


Cable Forum
Please do not PM me about custom work - I no longer undertake any.
Note: I will not answer support questions via e-mail or PM - please use the relevant thread or forum.
Reply With Quote
  #7  
Old 02 Feb 2015, 05:27
CarpCharacin's Avatar
CarpCharacin CarpCharacin is offline
 
Join Date: Dec 2014
Real name: James
i contacted my webhost and they said that their hardware was the best and that if you have good hardware your os is secure. What lies...
__________________
Utah Fishkeepers

Last edited by CarpCharacin; 02 Feb 2015 at 06:31.
Reply With Quote
  #8  
Old 02 Feb 2015, 11:36
ozzy47's Avatar
ozzy47 ozzy47 is offline
 
Join Date: Aug 2009
Real name: Chris
Time to get a new host.
__________________
You can get access to my 180 mods for vB 3.6 - 4.x at The Admin Zone as well as the professional support you are used to. New vBulletin Spider Definitions, vBulletin Spiders List Hits 1000 Spiders! ​ OzzModz down. Site has had a data breach, checking how the intrusion happened. Change your PW if you use the same one on my site and others.
Reply With Quote
  #9  
Old 02 Feb 2015, 12:57
ForceHSS's Avatar
ForceHSS ForceHSS is offline
 
Join Date: Apr 2008
Can someone explain how does one run this a step by step would be helpful
Reply With Quote
  #10  
Old 02 Feb 2015, 13:01
ozzy47's Avatar
ozzy47 ozzy47 is offline
 
Join Date: Aug 2009
Real name: Chris
Did you read this, How to patch.

Me personally, I had my host do it, I pay them enough money.
__________________
You can get access to my 180 mods for vB 3.6 - 4.x at The Admin Zone as well as the professional support you are used to. New vBulletin Spider Definitions, vBulletin Spiders List Hits 1000 Spiders! ​ OzzModz down. Site has had a data breach, checking how the intrusion happened. Change your PW if you use the same one on my site and others.
Reply With Quote
  #11  
Old 02 Feb 2015, 13:18
ForceHSS's Avatar
ForceHSS ForceHSS is offline
 
Join Date: Apr 2008
Will need host to do it as I am not sure if I have access to that and not sure how to check
Reply With Quote
  #12  
Old 02 Feb 2015, 13:21
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Real name: Paul M
Originally Posted by ForceHSS View Post
Can someone explain how does one run this a step by step would be helpful

Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.


Job done, on my servers anyway.
__________________
Former vBulletin.org Staff Member


Cable Forum
Please do not PM me about custom work - I no longer undertake any.
Note: I will not answer support questions via e-mail or PM - please use the relevant thread or forum.
Reply With Quote
  #13  
Old 02 Feb 2015, 17:00
Simon Lloyd's Avatar
Simon Lloyd Simon Lloyd is offline
 
Join Date: Aug 2008
Real name: Simon
Originally Posted by ForceHSS View Post
Will need host to do it as I am not sure if I have access to that and not sure how to check
You'll need SSH access to your server to do it (Pauls' instructions) or ask your host.
__________________
Kind regards,
Simon Microsoft Office Help
My Mods: Find my modifications here
Please do not pm me for support unless i have invited you to!
Reply With Quote
  #14  
Old 02 Feb 2015, 17:37
ForceHSS's Avatar
ForceHSS ForceHSS is offline
 
Join Date: Apr 2008
Worked it out all done
Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 21:32.

Layout Options | Width: Wide Color: