
Last night a security vulnerability was discovered that affects Linux distributions, allowing hackers to potentially execute code to gain control of hardware. It has been named GHOST (CVE-2015-0235) and is a critical glibc vulnerability.

Immediately following the discovery, our security engineers began actioning the official patch for all our Linux shared web hosting servers, and this has now been completed.


Shared & Premium Web Hosting

If you have Starter Pro, Home Pro, Business Pro, Reseller Pro or Premium Web Hosting with us, you don’t need to take any action. All these web servers have been patched and secured accordingly by our system administration team, and we are closely monitoring industry updates so that if any further fixes are needed we can implement them as quickly as possible.


VPS, Hybrid & Dedicated Servers

If you – or your customers – have an unmanaged server (this includes all Virtual Private Servers, Hybrid Servers, and Dedicated Servers running any flavour of Linux), you will need to check to see if it is vulnerable to GHOST, and then implement the official patch if needed. We strongly recommend you do this as soon as possible.

If you’re running Ubuntu: 

sudo apt-get update; sudo apt-get install --only-upgrade libc6

If you’re running CentOS:

sudo yum clean all; sudo yum update glibc

 

3. Reboot your server to complete the install. This is essential in order to ensure you are no longer running vulnerable processes and files.
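The reboot matters because processes started before the update keep the old glibc mapped in memory. As an added example (not part of the original post), this POSIX shell script lists such processes by looking for a libc mapping marked "(deleted)" in /proc/<pid>/maps; the function names and the PROC_ROOT parameter are assumptions made for the example.

```sh
#!/bin/sh
# Added example, not from the original post.
# When the package manager replaces glibc, the old library file is unlinked,
# but processes started earlier keep it mapped. The kernel marks such a
# mapping in /proc/<pid>/maps with a trailing " (deleted)".

# stale_libc_pids [PROC_ROOT]
# Print the PID of every process that still maps a replaced libc, one per
# line, sorted. PROC_ROOT (hypothetical parameter, default /proc) lets the
# check run against a constructed directory tree.
stale_libc_pids() {
    proc_root=${1:-/proc}
    for maps in "$proc_root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue          # other users' maps need root
        # libc-2.x.so or libc.so.N only (not libcrypt etc.); an optional
        # ";hex" suffix is tolerated in case the old file was renamed aside.
        if grep -Eq '/libc(-[0-9.]+)?\.so(\.[0-9]+)?(;[0-9a-f]+)? \(deleted\)$' \
                "$maps" 2>/dev/null; then
            pid=${maps%/maps}
            echo "${pid##*/}"
        fi
    done | sort -n
}

# stale_libc_report [PROC_ROOT]
# Human-readable listing; returns 1 if any process still uses the old libc.
stale_libc_report() {
    proc_root=${1:-/proc}
    pids=$(stale_libc_pids "$proc_root")
    if [ -z "$pids" ]; then
        echo "No running process maps a replaced libc."
        return 0
    fi
    for pid in $pids; do
        name=$(cat "$proc_root/$pid/comm" 2>/dev/null || echo unknown)
        echo "PID $pid ($name) still maps the pre-update libc"
    done
    return 1
}

# Run against the live system (as root, to see every process).
stale_libc_report /proc || echo "Reboot, or restart the processes listed above."
```

Run it as root after installing the update; any PID it lists is still executing the pre-update library until that process is restarted or the server is rebooted.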


Please note that this is a general Linux security issue, not a Heart Internet one. Therefore, if you have Linux hosting with any other providers anywhere in the world, we strongly recommend you find out if they have taken action to secure their servers or if you need to take action in order to be protected against GHOST.


14 Comments

  • Bryan says:

    There are errors in the above (for Ubuntu), corrected, they should read:

    wget https://mirrors.uk.heg.com/ghost/ghost-checker
    chmod +x ghost-checker
    ./ghost-checker
    sudo apt-get update; sudo apt-get install --only-upgrade glibc*

    You’ve missed wget on line 1, and a sudo on line 4.

  • Lee says:

    Thanks for bringing this to our attention and providing assurances that the system administration team has taken the necessary action.

  • Phil Hitchman says:

    I’ve run this on one of my CentOS dedicated servers and it gives the following error…

    Determining fastest mirrors
    Error: Cannot retrieve metalink for repository: epel. Please verify its path and try again

  • Phil Hitchman says:

    OK, I’ve just worked out how to sort out that error…

    sudo sed -i "s/mirrorlist=https/mirrorlist=http/" /etc/yum.repos.d/epel.repo

  • Geoff Atkins says:

    Important note – if running the ‘yum update’ line on a VPS/Hybrid/Dedicated server reports an error that the epel server cannot be found, run the following:
    sudo sed -i "s/mirrorlist=https/mirrorlist=http/" /etc/yum.repos.d/epel.repo

  • Jenni says:

    Thanks Bryan, several people pointed that out! All fixed now 🙂

  • Sam Grindle says:

    Is there a 32-bit version of the file? I’m getting “cannot execute binary file” on 32-bit DS?

  • Jenni says:

    Thanks Lee 🙂

  • Jenni says:

    Glad you got it sorted Phil, thanks for the update.

  • Jenni says:

    Thanks for that Geoff, very useful for those with custom yum!

  • Neil Williams says:

    All updated, thank you for letting us know so quickly. Updated with the patch, but it did give an error when I updated EasyApache, where there were duplicate RPMs.

  • john says:

    If you’re using cPanel, it may be a good idea to run /usr/local/cpanel/scripts/check_cpanel_rpms --fix
    when you’re done.

  • Jenni says:

    Hi Sam, please contact our support team and they’ll be able to help.

  • Jenni says:

    Hi Neil, feel free to drop our support team a line if you have any queries about it.
