Does fixing the Linux glibc vulnerability require a reboot?
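Reference answer A: Hello, many of them do require a restart; I suggest you follow the prompts.
Also, I recommend fixing vulnerabilities with security software, to avoid problems.
Open Tencent PC Manager > Toolbox > Fix Vulnerabilities, then scan for and fix vulnerabilities.
PC Manager recommends that users enable the automatic vulnerability repair feature. Once enabled, PC Manager can automatically fix high-risk vulnerabilities (high-risk only, not other vulnerabilities) as soon as they are found, without user involvement, to protect the user's computer as much as possible. It is especially suitable for the elderly, children, or novice computer users. To enable it: go to PC Manager's "Fix Vulnerabilities" module, open "Settings", and click to enable automatic vulnerability repair. This answer was accepted by the asker and other users.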
Linux glibc security vulnerability CVE-2015-7547: fix and detection method
Reference link: http://toutiao.com/i6253272495634252289/
Vulnerability information: https://rhn.redhat.com/errata/RHSA-2016-0175.html
The specific steps are as follows (tested on CentOS 6.5):
#####################################################
1. Check the operating system version and the glibc version
[[email protected] ~]# cat /etc/redhat-release
CentOS release 6.5 (Final)
[[email protected] ~]# uname -r
2.6.32-431.el6.x86_64
[[email protected] ~]# uname -a
64 GNU/Linux
[[email protected] ~]# cat /etc/resolv.conf
; generated by /sbin/dhclient-script
nameserver 127.0.0.1
[[email protected] ~]# ls
anaconda-ks.cfg Music
atomic-php55-php-cli-5.5.31-31.el6.art.x86_64.rpm nginx-1.8.0
atomic-php55-php-common-5.5.31-31.el6.art.x86_64.rpm nginx-1.8.0.tar.gz
atomic-php55-php-devel-5.5.31-31.el6.art.x86_64.rpm php-5.5.31
CVE-2015-7547-master php-5.5.31.tar.bz2
Desktop Pictures
Documents Public
Downloads rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
eaccelerator-master Templates
install.log Videos
install.log.syslog wordpress
master.zip wordpress-4.4.1-zh_CN.tar.gz
[[email protected] glibc2.12.166]# rpm -qa | grep -i glibc
glibc-devel-2.12-1.132.el6.x86_64
glibc-common-2.12-1.132.el6.x86_64
glibc-2.12-1.132.el6.x86_64
glibc-headers-2.12-1.132.el6.x86_64
#####################################################
2. Download CVE-2015-7547; after extraction the files are as follows:
[[email protected] ~]# cd CVE-2015-7547-master/
[[email protected] CVE-2015-7547-master]# ls
CVE-2015-7547-client.c CVE-2015-7547-poc.py LICENSE Makefile README
# After downloading, run python CVE-2015-7547-poc.py (this step takes more than 10 minutes before any output appears)
[[email protected] CVE-2015-7547-master]# python CVE-2015-7547-poc.py
[UDP] Total Data len recv 44
[UDP] Total Data len recv 44
Connected with 127.0.0.1:47403
[TCP] Total Data len recv 46
[TCP] Request1 len recv 44
[UDP] Total Data len recv 44
[UDP] Total Data len recv 44
Connected with 127.0.0.1:47404
[TCP] Total Data len recv 46
[TCP] Request1 len recv 44
[UDP] Total Data len recv 36
[UDP] Total Data len recv 36
Connected with 127.0.0.1:47405
[TCP] Total Data len recv 76
[TCP] Request1 len recv 36
[TCP] Request2 len recv 36
[UDP] Total Data len recv 44
[UDP] Total Data len recv 44
Connected with 127.0.0.1:47409
[TCP] Total Data len recv 46
[TCP] Request1 len recv 44
[UDP] Total Data len recv 44
[UDP] Total Data len recv 44
Connected with 127.0.0.1:47410
[TCP] Total Data len recv 46
[TCP] Request1 len recv 44
[UDP] Total Data len recv 39
[UDP] Total Data len recv 39
Connected with 127.0.0.1:47411
[TCP] Total Data len recv 82
[TCP] Request1 len recv 39
[TCP] Request2 len recv 39
^CTraceback (most recent call last):
File "CVE-2015-7547-poc.py", line 176, in <module>
tcp_thread()
File "CVE-2015-7547-poc.py", line 105, in tcp_thread
conn, addr = sock_tcp.accept()
File "/usr/lib64/python2.6/socket.py", line 197, in accept
sock, addr = self._sock.accept()
KeyboardInterrupt
##########################################################
3. In another Linux terminal window, compile the client: gcc CVE-2015-7547-client.c -o client
[[email protected] ~]# cd CVE-2015-7547-master/
[[email protected] CVE-2015-7547-master]# ll
total 32
-rw-r--r-- 1 root root 967 Mar 1 09:29 CVE-2015-7547-client.c
-rw-r--r-- 1 root root 4638 Mar 1 09:29 CVE-2015-7547-poc.py
-rw-r--r-- 1 root root 11357 Mar 1 09:29 LICENSE
-rw-r--r-- 1 root root 109 Mar 1 09:29 Makefile
-rw-r--r-- 1 root root 936 Mar 1 09:29 README
[[email protected] CVE-2015-7547-master]# ls
CVE-2015-7547-client.c CVE-2015-7547-poc.py LICENSE Makefile README
[[email protected] CVE-2015-7547-master]# gcc CVE-2015-7547-client.c -o client
[[email protected] CVE-2015-7547-master]# ls
client CVE-2015-7547-client.c CVE-2015-7547-poc.py LICENSE Makefile README
[[email protected] CVE-2015-7547-master]# ./client
Segmentation fault (core dumped)
[[email protected] CVE-2015-7547-master]#
Run the ./client binary.
If it returns Segmentation fault, the system is vulnerable.
If it returns client: getaddrinfo: Name or service not known, the vulnerability has been fixed.
###############################################################
4. Update glibc: download the glibc-related rpm packages
[[email protected] ~]# ls
anaconda-ks.cfg Music
atomic-php55-php-cli-5.5.31-31.el6.art.x86_64.rpm nginx-1.8.0
atomic-php55-php-common-5.5.31-31.el6.art.x86_64.rpm nginx-1.8.0.tar.gz
atomic-php55-php-devel-5.5.31-31.el6.art.x86_64.rpm php-5.5.31
CVE-2015-7547-master php-5.5.31.tar.bz2
Desktop Pictures
Documents Public
Downloads rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
eaccelerator-master Templates
glibc2.12.166 Videos
install.log wordpress
install.log.syslog wordpress-4.4.1-zh_CN.tar.gz
master.zip
[[email protected] ~]# cd glibc2.12.166/
#########################################################################
############### The rpm packages for the glibc update are as follows #####################
[[email protected] glibc2.12.166]# ls
glibc-2.12-1.166.el6_7.7.i686.rpm glibc-headers-2.12-1.166.el6_7.7.x86_64.rpm
glibc-2.12-1.166.el6_7.7.x86_64.rpm glibc-static-2.12-1.166.el6_7.7.x86_64.rpm
glibc-common-2.12-1.166.el6_7.7.x86_64.rpm glibc-utils-2.12-1.166.el6_7.7.x86_64.rpm
glibc-devel-2.12-1.166.el6_7.7.x86_64.rpm
########### Force-install the rpm packages ###############################
[[email protected] glibc2.12.166]# rpm -Uvh --nodeps --force glibc-*
Preparing... ########################################### [100%]
1:glibc-common ########################################### [ 14%]
2:glibc ########################################### [ 29%]
3:glibc-headers ########################################### [ 43%]
4:glibc-devel ########################################### [ 57%]
5:glibc-static ########################################### [ 71%]
6:glibc-utils ########################################### [ 86%]
7:glibc ########################################### [100%]
####### Query the glibc version after the update ####################
[[email protected] glibc2.12.166]# rpm -qa | grep -i glibc
glibc-static-2.12-1.166.el6_7.7.x86_64
glibc-headers-2.12-1.166.el6_7.7.x86_64
glibc-2.12-1.166.el6_7.7.i686
glibc-2.12-1.166.el6_7.7.x86_64
glibc-utils-2.12-1.166.el6_7.7.x86_64
glibc-common-2.12-1.166.el6_7.7.x86_64
glibc-devel-2.12-1.166.el6_7.7.x86_64
[[email protected] glibc2.12.166]#
Restart the server with reboot
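The reboot matters because processes started before the update keep the old glibc mapped in memory. The following added example (not part of the original post) lists such processes by scanning /proc/<pid>/maps for libc mappings marked "(deleted)"; the function names and the sample tree built by make_sample_proc are constructed for illustration.

```bash
#!/bin/bash
# Added example (not from the original post): find processes that still map
# the glibc file replaced by the rpm update. The kernel flags such mappings
# as "(deleted)" in /proc/<pid>/maps until the process is restarted.

# stale_libc_pids [PROC_ROOT]: print "pid<TAB>name" per affected process.
# With no argument it scans the live /proc (run as root to see every process).
stale_libc_pids() {
    slp_root="${1:-/proc}"
    for slp_dir in "$slp_root"/[0-9]*; do
        [ -r "$slp_dir/maps" ] || continue
        # Matches libc-2.12.so and libc.so.6, but not libcrypto or libcap.
        if grep -Eq '/libc[-.][^ /]*so[^ /]* \(deleted\)$' "$slp_dir/maps" 2>/dev/null; then
            slp_name="$(sed -n 's/^Name:[[:space:]]*//p' "$slp_dir/status" 2>/dev/null)"
            printf '%s\t%s\n' "${slp_dir##*/}" "${slp_name:-?}"
        fi
    done
}

# make_sample_proc: build a constructed /proc-like tree (illustrative data only).
make_sample_proc() {
    msp_root="$(mktemp -d)"
    msp_old='7f3a1c000000-7f3a1c18a000 r-xp 00000000 fd:00 1311 /lib64/libc-2.12.so (deleted)'
    msp_new='7f3a1c000000-7f3a1c18a000 r-xp 00000000 fd:00 2048 /lib64/libc-2.12.so'
    for msp_entry in 101:sshd:old 202:bash:new 303:nginx:old; do
        msp_pid="${msp_entry%%:*}"; msp_rest="${msp_entry#*:}"
        mkdir -p "$msp_root/$msp_pid"
        printf 'Name:\t%s\n' "${msp_rest%%:*}" > "$msp_root/$msp_pid/status"
        if [ "${msp_rest#*:}" = old ]; then
            printf '%s\n' "$msp_old" > "$msp_root/$msp_pid/maps"
        else
            printf '%s\n' "$msp_new" > "$msp_root/$msp_pid/maps"
        fi
    done
    printf '%s\n' "$msp_root"
}

# Demo on the constructed tree: sshd and nginx started before the update.
demo_root="$(make_sample_proc)"
stale_libc_pids "$demo_root"
rm -rf "$demo_root"
```

Any process listed is still executing the pre-update library code and stays exposed until it is restarted, which is what the reboot accomplishes in one step.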
##################################################################################
5. Use the method from step 2 to check whether the vulnerability is still present
[[email protected] ~]# ls
anaconda-ks.cfg Music
atomic-php55-php-cli-5.5.31-31.el6.art.x86_64.rpm nginx-1.8.0
atomic-php55-php-common-5.5.31-31.el6.art.x86_64.rpm nginx-1.8.0.tar.gz
atomic-php55-php-devel-5.5.31-31.el6.art.x86_64.rpm php-5.5.31
CVE-2015-7547-master php-5.5.31.tar.bz2
Desktop Pictures
Documents Public
Downloads rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
eaccelerator-master Templates
glibc2.12.166 Videos
install.log wordpress
install.log.syslog wordpress-4.4.1-zh_CN.tar.gz
master.zip
[[email protected] ~]# cd CVE-2015-7547-master/
[[email protected] CVE-2015-7547-master]# ls
CVE-2015-7547-client.c CVE-2015-7547-poc.py LICENSE Makefile README
[[email protected] CVE-2015-7547-master]# py
pydoc pygtk-demo python python2 python2.6
[[email protected] CVE-2015-7547-master]# python CVE-2015-7547-poc.py
[UDP] Total Data len recv 44
[UDP] Total Data len recv 44
Connected with 127.0.0.1:34043
[TCP] Total Data len recv 46
[TCP] Request1 len recv 44
[UDP] Total Data len recv 44
[UDP] Total Data len recv 44
Connected with 127.0.0.1:34044
[TCP] Total Data len recv 46
[TCP] Request1 len recv 44
[UDP] Total Data len recv 44
[UDP] Total Data len recv 44
Connected with 127.0.0.1:34045
[TCP] Total Data len recv 46
[TCP] Request1 len recv 44
[UDP] Total Data len recv 44
[UDP] Total Data len recv 44
Connected with 127.0.0.1:34046
[TCP] Total Data len recv 46
[TCP] Request1 len recv 44
[UDP] Total Data len recv 36
[UDP] Total Data len recv 36
Connected with 127.0.0.1:34047
[TCP] Total Data len recv 76
[TCP] Request1 len recv 36
[TCP] Request2 len recv 36
^CTraceback (most recent call last):
File "CVE-2015-7547-poc.py", line 176, in <module>
tcp_thread()
File "CVE-2015-7547-poc.py", line 105, in tcp_thread
conn, addr = sock_tcp.accept()
File "/usr/lib64/python2.6/socket.py", line 197, in accept
sock, addr = self._sock.accept()
KeyboardInterrupt
[[email protected] ~]# cd CVE-2015-7547-master/
[[email protected] CVE-2015-7547-master]# ls
CVE-2015-7547-client.c CVE-2015-7547-poc.py LICENSE Makefile README
[[email protected] CVE-2015-7547-master]# gcc CVE-2015-7547-client.c -o client
[[email protected] CVE-2015-7547-master]# ls
client CVE-2015-7547-client.c CVE-2015-7547-poc.py LICENSE Makefile README
[[email protected] CVE-2015-7547-master]# ./client
client: getaddrinfo: Name or service not known
If it returns client: getaddrinfo: Name or service not known, the vulnerability has been fixed.