Information on CVE-2015-0235 (GHOST) Vulnerability for Red Hat and CentOS

A vulnerability found in the glibc library, specifically a flaw affecting the gethostbyname() and gethostbyname2() function calls, that allows a remote attacker to potentially execute arbitrary code. CentOS 5, CentOS 6, and CentOS 7 are potentially affected, thus we want to highlight the following information.


XWeb package repositories have been updated. Many servers (barring those with updates disabled) have received an update that patches this vulnerability, however, a reboot will still be required in those cases.

To verify your glibc has at least downloaded the patch you can run the following command on your server:

rpm -q --changelog glibc | grep CVE-2015-0235


If your server has the patch, then you should receive a response similar to:

- Fix parsing of numeric hosts in gethostbyname_r (CVE-2015-0235, #1183535).


Be sure to reboot your server after the patch is installed.

Red Hat describes the issue as follows:

A heap-based buffer overflow was found in glibc’s __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application.


Further information on CVE-2015-0235 is available from the Red Hat.

  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

How to Upgrade MariaDB 5.5 to MariaDB 10.0 on CentOS 7

Step #1: Add the MariaDB Repository First, you’ll follow a simple best practice: ensuring the...

How to Create a Self-signed SSL Certificate on Ubuntu

An SSL certificate is an electronic ‘document’ that is used to bind together a public...

Update and Patch OpenSSL on Ubuntu for the CCS Injection Vulnerability

What is OpenSSL? OpenSSL is a common cryptographic library which provides encryption,...

How to Install Logwatch on CentOS 7

Logwatch is a Perl-based log management tool for analyzing, summarizing, and reporting on a...

Fighting Spam on cPanel Servers

On cPanel servers there are a several different tools that are built into cPanel that can be used...

Powered by WHMCompleteSolution