Linux Glibc庫嚴重安全漏洞修復(詳細過程)
LinuxGlibc庫嚴重安全漏洞修復通知(重要)
=======正確的指令碼(的確需要加個空格 在 CANARY和 "in_the_coal_mine"之間 加空格,否則gcc GHOST.c -o GHOST 報GHOST.c:6:15: warning: missing whitespace after the macro name )===============
root使用者執行
-----------------
cat > GHOST.c << EOF
#include
#include
#include
#include
#include
#define CANARY "in_the_coal_mine"
struct {
char buffer[1024];
char canary[sizeof(CANARY)];
} temp = { "buffer", CANARY };
int main(void) {
struct hostent resbuf;
struct hostent *result;
int herrno;
int retval;
/*** strlen (name) = size_needed -sizeof (*host_addr) - sizeof (*h_addr_ptrs) - 1; ***/
size_t len = sizeof(temp.buffer) -16*sizeof(unsigned char) - 2*sizeof(char *) - 1;
char name[sizeof(temp.buffer)];
memset(name, '0', len);
name[len] = '\0';
retval = gethostbyname_r(name,&resbuf, temp.buffer, sizeof(temp.buffer), &result, &herrno);
if (strcmp(temp.canary, CANARY) !=0) {
puts("vulnerable");
exit(EXIT_SUCCESS);
}
if (retval == ERANGE) {
puts("notvulnerable");
exit(EXIT_SUCCESS);
}
puts("should nothappen");
exit(EXIT_FAILURE);
}
EOF
gcc GHOST.c -o GHOST
./GHOST
=============================================================
[[root@iZ25ztsovnAA test]# cat > GHOST.c << EOF
> #include
> #include
> #include
> #include
> #include
> #define CANARY "in_the_coal_mine"
> struct {
> char buffer[1024];
> char canary[sizeof(CANARY)];
> } temp = { "buffer", CANARY };
> int main(void) {
> struct hostent resbuf;
> struct hostent *result;
> int herrno;
> int retval;
> /*** strlen (name) = size_needed -sizeof (*host_addr) - sizeof (*h_addr_ptrs) - 1; ***/
> size_t len = sizeof(temp.buffer) -16*sizeof(unsigned char) - 2*sizeof(char *) - 1;
> char name[sizeof(temp.buffer)];
> memset(name, '0', len);
> name[len] = '\0';
> retval = gethostbyname_r(name,&resbuf, temp.buffer, sizeof(temp.buffer), &result, &herrno);
> if (strcmp(temp.canary, CANARY) !=0) {
> puts("vulnerable");
> exit(EXIT_SUCCESS);
> }
> if (retval == ERANGE) {
> puts("notvulnerable");
> exit(EXIT_SUCCESS);
> }
> puts("should nothappen");
> exit(EXIT_FAILURE);
> }
> EOF
[root@iZ25ztsovnAA test]# gcc GHOST.c -o GHOST
[root@iZ25ztsovnAA test]# ./GHOST
vulnerable 《vulnerable : 易受傷的,》
[=============================修復過程=====
[root@iZ25ztsovnAA test]# wget -O /etc/yum.repos.d/aliyun-5.repo
--2015-01-30 17:06:54--
Resolving mirrors.aliyun.com... 112.124.140.210, 115.28.122.210
Connecting to mirrors.aliyun.com|112.124.140.210|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2780 (2.7K) [application/octet-stream]
Saving to: `/etc/yum.repos.d/aliyun-5.repo'
100%[=====================================================================>] 2,780 --.-K/s in 0s
2015-01-30 17:06:54 (221 MB/s) - `/etc/yum.repos.d/aliyun-5.repo' saved [2780/2780]
[root@iZ25ztsovnAA test]#
[root@iZ25ztsovnAA test]# yum update glibc
Repository base is listed more than once in the configuration
Repository updates is listed more than once in the configuration
Repository extras is listed more than once in the configuration
Repository addons is listed more than once in the configuration
Repository centosplus is listed more than once in the configuration
Repository contrib is listed more than once in the configuration
addons | 1.9 kB 00:00
base | 1.1 kB 00:00
extras | 2.1 kB 00:00
updates | 1.9 kB 00:00
updates/primary_db | 266 kB 00:00
Excluding Packages in global exclude list
Finished
Setting up Update Process
Resolving Dependencies
--> Running transaction check
--> Processing Dependency: glibc = 2.5-65 for package: glibc-devel
--> Processing Dependency: glibc = 2.5-65 for package: nscd
--> Processing Dependency: glibc = 2.5-65 for package: glibc-headers
---> Package glibc.x86_64 0:2.5-123.el5_11.1 set to be updated
--> Processing Dependency: glibc-common = 2.5-123.el5_11.1 for package: glibc
--> Running transaction check
---> Package glibc-common.x86_64 0:2.5-123.el5_11.1 set to be updated
---> Package glibc-devel.x86_64 0:2.5-123.el5_11.1 set to be updated
---> Package glibc-headers.x86_64 0:2.5-123.el5_11.1 set to be updated
---> Package nscd.x86_64 0:2.5-123.el5_11.1 set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
===============================================================================================================
Package Arch Version Repository Size
===============================================================================================================
Updating:
glibc x86_64 2.5-123.el5_11.1 updates 4.8 M
Updating for dependencies:
glibc-common x86_64 2.5-123.el5_11.1 updates 16 M
glibc-devel x86_64 2.5-123.el5_11.1 updates 2.4 M
glibc-headers x86_64 2.5-123.el5_11.1 updates 602 k
nscd x86_64 2.5-123.el5_11.1 updates 178 k
Transaction Summary
===============================================================================================================
Install 0 Package(s)
Upgrade 5 Package(s)
Total download size: 24 M
Is this ok [y/N]: y
Downloading Packages:
(1/5): nscd-2.5-123.el5_11.1.x86_64.rpm | 178 kB 00:00
(2/5): glibc-headers-2.5-123.el5_11.1.x86_64.rpm | 602 kB 00:00
(3/5): glibc-devel-2.5-123.el5_11.1.x86_64.rpm | 2.4 MB 00:00
(4/5): glibc-2.5-123.el5_11.1.x86_64.rpm | 4.8 MB 00:00
(5/5): glibc-common-2.5-123.el5_11.1.x86_64.rpm | 16 MB 00:07
---------------------------------------------------------------------------------------------------------------
Total 2.7 MB/s | 24 MB 00:09
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Updating : glibc-common 1/10
Updating : glibc 2/10
Updating : nscd 3/10
Updating : glibc-headers 4/10
Updating : glibc-devel 5/10
Cleanup : glibc-headers 6/10
Cleanup : glibc-common 7/10
Cleanup : glibc 8/10
Cleanup : nscd 9/10
Cleanup : glibc-devel 10/10
Updated:
glibc.x86_64 0:2.5-123.el5_11.1
Dependency Updated:
glibc-common.x86_64 0:2.5-123.el5_11.1 glibc-devel.x86_64 0:2.5-123.el5_11.1
glibc-headers.x86_64 0:2.5-123.el5_11.1 nscd.x86_64 0:2.5-123.el5_11.1
Complete!
[root@iZ25ztsovnAA test]# ./GHOST
notvulnerable 《notvulnerable : 不易受傷的,》
[root@iZ25ztsovnAA test]#
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/8494287/viewspace-1421236/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- ORACLE 11G透過SCN做增量備份修復standby庫詳細過程Oracle
- ORACLE 11G通過SCN做增量備份修復standby庫詳細過程Oracle
- iOS 12.1.4更新修復嚴重安全漏洞 但又產生新問題iOS
- Linux glibc 幽靈漏洞修復方案Linux
- 影響 Linux 系統安全基石的 glibc 嚴重漏洞Linux
- Oracle 11G DataGuard ORA-16086問題修復詳細過程Oracle
- Oracle 11G DataGuard重啟詳細過程Oracle
- 詳訊:微軟承認Outlook中存在嚴重安全漏洞 (轉)微軟
- Rails框架再爆嚴重安全漏洞AI框架
- linux下cacti的搭建之詳細過程!Linux
- Kubernetes首個嚴重安全漏洞發現者,談發現過程及原理機制
- ORACLE中採用rman備份異機恢復資料庫詳細過程Oracle資料庫
- 抓緊修補!Discourse嚴重安全漏洞可致程式碼執行錯誤
- 【資料庫資料恢復】透過恢復NDF檔案修復資料庫的資料恢復過程資料庫資料恢復
- MySQL MHA詳細搭建過程MySql
- Windows Xp修復控制檯詳細用法(轉)Windows
- 微軟蘋果Linux等作業系統遭受嚴重安全漏洞威脅微軟蘋果Linux作業系統
- 網站漏洞修復之圖片驗證碼的詳細修復方案網站
- 伺服器斷電Oracle資料庫修復資料過程伺服器Oracle資料庫
- MySQL資料庫INNODB表損壞修復處理過程分享MySql資料庫
- Linux上透過binlog檔案恢復mysql資料庫詳細步驟LinuxMySql資料庫
- Chrome瀏覽器爆高嚴重性安全漏洞Chrome瀏覽器
- 泊松過程的詳細理解
- nginx配置https詳細過程NginxHTTP
- Ubuntu 發行版更新 Linux 核心,修復 17 個安全漏洞UbuntuLinux
- 資料恢復記錄:硬碟分割槽損壞修復SqlServer資料庫過程資料恢復硬碟SQLServer資料庫
- 資料庫恢復過程資料庫
- Linux檔案系統損壞後的修復技巧詳細介紹Linux
- Jtti:如何修復Oracle資料庫執行過程的問題JttiOracle資料庫
- 在Apache Cassandra資料庫軟體中報告高嚴重性RCE安全漏洞Apache資料庫
- Magento更新以修復影響電子商務網站的嚴重缺陷網站
- [資訊]微軟於補丁日修復了 20 個嚴重漏洞(11.16)微軟
- MySQL GTID複製中斷修復過程MySql
- 檔案系統修復的一個過程
- tinker熱修復——dex補丁載入過程
- 第十五單元-Linux系統中引導過程及修復Linux
- oracle建庫過程詳解Oracle
- DUL恢復資料庫過程資料庫