GHOST Vulnerability (CVE-2015-0235)
Posted by Steve N on 28 January 2015 11:47 PM

On 27 January 2015, Qualys announced a vulnerability in all versions of the GNU C library (glibc). The issue was a buffer overflow during DNS hostname resolution. Disclosure was coordinated with the various operating system vendors, and Red Hat made patches available soon after the initial announcement went out.

Impact
According to Qualys, this vulnerability allows unauthenticated remote code execution in any daemon or service that performs hostname lookups using the vulnerable functions in the GNU C library. This library is at the core of most services and software that run on Linux systems.

The updated RPMs provided by Red Hat, CentOS and CloudLinux should contain a changelog entry with the CVE number. You can check for this changelog entry with the following command:


rpm -q --changelog glibc | grep CVE-2015-0235
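
The changelog check only confirms that the patched package is installed; a service that started before the update keeps the old library mapped until it is restarted. The script below is an added example, not part of the original post, that performs both checks. Its function names and sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.
CVE="CVE-2015-0235"

# Constructed sample inputs (not captured from a real server).
SAMPLE_CHANGELOG='- constructed entry: fix for CVE-2015-0235'
SAMPLE_STALE='7f3a10000000-7f3a1018a000 r-xp 00000000 fd:01 131 /lib64/libc-2.12.so (deleted)'
SAMPLE_FRESH='7f3a10000000-7f3a1018a000 r-xp 00000000 fd:01 977 /lib64/libc-2.12.so'

# Succeeds if the changelog text on stdin mentions the CVE.
changelog_has_fix() {
    grep -q -- "$CVE"
}

# Succeeds if /proc/<pid>/maps text on stdin shows a libc file that was
# replaced on disk while the process kept it mapped ("(deleted)" suffix).
maps_uses_stale_libc() {
    grep -Eq '/libc(-[0-9.]+)?\.so[^/ ]* \(deleted\)$'
}

# Prints "PID command" for each process still mapping the old libc.
# Run as root; other users' maps files are not readable otherwise.
list_stale_processes() {
    for maps in /proc/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        if maps_uses_stale_libc 2>/dev/null < "$maps"; then
            pid=${maps#/proc/}
            pid=${pid%/maps}
            echo "$pid $(ps -o comm= -p "$pid" 2>/dev/null)"
        fi
    done
}

# Only touches the live system when called with --scan.
if [ "${1:-}" = "--scan" ]; then
    if rpm -q --changelog glibc | changelog_has_fix; then
        echo "glibc package: changelog lists $CVE"
    else
        echo "glibc package: changelog does not list $CVE"
    fi
    list_stale_processes
fi
```

Any process listed by the scan is still running the pre-update library and needs a restart (or the server a reboot) before the patch takes effect for it.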


Please read more about this at the following URLs.

https://documentation.cpanel.net/display/CKB/CVE-2015-0235+GHOST

http://www.openwall.com/lists/oss-security/2015/01/27/9
https://rhn.redhat.com/errata/RHSA-2015-0090.html
https://rhn.redhat.com/errata/RHSA-2015-0092.html
http://cloudlinux.com/blog/clnews/glibc-ghost-remote-vulnerability-cve20150235.php

We have deployed updates to all servers which have ntServerGuard installed. Servers without ntServerGuard are being patched/updated manually.

If you find your server still has this vulnerability, please feel free to contact our support team ASAP.

