AnsweredAssumed Answered

Ghost Vul (glibc 2.12)

Question asked by Pradeep Bhargav on Apr 7, 2015

Hello Team,

 

we are currently using this glibc-2.12-1.149.el6_6.5.x86_64 version, could you please check and confirm. is this version is vulnerable or not ?

 

The version in between 2.2 to 2.17 all are vulnerable to GHOST attack. as per the Link :https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0235

 

BUT we have also ran the  "Method #2: GHOST-test.sh Vulnerability Test Bash Script"  from this link http://www.cyberciti.biz/faq/cve-2015-0235-ghost-glibc-buffer-overflow-linux-test-program/ . As per the ghost shell script, it says glibc 2.12 is not vulnerable.

 

Please confirm glibc-2.12-1.149.el6_6.5.x86_64 version is vulnerable or not.

 

Thanks and regards,

Pradeep Bhargav

Outcomes