diff --git a/sources/tech/20150211 How To Protect Ubuntu Server Against the GHOST Vulnerability.md b/sources/tech/20150211 How To Protect Ubuntu Server Against the GHOST Vulnerability.md deleted file mode 100644 index 3ff863af55..0000000000 --- a/sources/tech/20150211 How To Protect Ubuntu Server Against the GHOST Vulnerability.md +++ /dev/null @@ -1,46 +0,0 @@ -Translating---geekpi - -How To Protect Ubuntu Server Against the GHOST Vulnerability -================================================================================ -On January 27, 2015, a GNU C Library (glibc) vulnerability, referred to as the GHOST vulnerability, was announced to the general public. In summary, the vulnerability allows remote attackers to take complete control of a system by exploiting a buffer overflow bug in glibc's GetHOST functions.Check more details from [here][1] - -The GHOST vulnerability can be exploited on Linux systems that use versions of the GNU C Library prior to glibc-2.18. That is, systems that use an unpatched version of glibc from versions 2.2 to 2.17 are at risk. - -### Check System Vulnerability ### - -You can use the following command to check the glib version - - ldd --version - -### Output ### - -ldd (Ubuntu GLIBC 2.19-10ubuntu2) **2.19** -Copyright (C) 2014 Free Software Foundation, Inc. -This is free software; see the source for copying conditions. There is NO -warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. -Written by Roland McGrath and Ulrich Drepper. - -The glib version should be above 2.17 and from the output we are running 2.19.If you are seeing glib version between 2.2 to 2.17 then you need to run the following commands - - sudo apt-get update - - sudo apt-get dist-upgrade - -After the installation you need to reboot the server using the following command - - sudo reboot - -After reboot use the same command again and check the glib version. - --------------------------------------------------------------------------------- - -via: http://www.ubuntugeek.com/how-to-protect-ubuntu-server-against-the-ghost-vulnerability.html - -作者:[ruchi][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://www.ubuntugeek.com/author/ubuntufix -[1]:http://chargen.matasano.com/chargen/2015/1/27/vulnerability-overview-ghost-cve-2015-0235.html diff --git a/translated/tech/20150211 How To Protect Ubuntu Server Against the GHOST Vulnerability.md b/translated/tech/20150211 How To Protect Ubuntu Server Against the GHOST Vulnerability.md new file mode 100644 index 0000000000..38b7c955d3 --- /dev/null +++ b/translated/tech/20150211 How To Protect Ubuntu Server Against the GHOST Vulnerability.md @@ -0,0 +1,44 @@ +如何让Ubuntu服务器远离鬼影漏洞影响 +================================================================================ +2015年1月27日,GNU C库(glibc)的一个漏洞也称鬼影漏洞被公诸于众。总的来说,这个漏洞允许远程攻击者利用glibc中的GetHOST函数的缓冲区溢出漏洞来获得系统的完全控制。点击[这里][1]获得更多细节。 + +鬼影漏洞可在版本在glibc-2.18之前的Linux系统上被利用。也就是说没有打过补丁的版本2.2到2.17都是有风险的。 + +### 检查系统漏洞 ### + +你可以使用下面的命令来检查glib的版本 + + ldd --version + +### 输出 ### + +ldd (Ubuntu GLIBC 2.19-10ubuntu2) **2.19** +Copyright (C) 2014 Free Software Foundation, Inc. +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +Written by Roland McGrath and Ulrich Drepper. + +glib的版本应该高于2.17,我们的输出是2.19。如果你看到glib的版本在2.2到2.17之间。你应该运行下面的命令。 + + sudo apt-get update + + sudo apt-get dist-upgrade + +安装完之后,你应该用下面的命令重启系统。 + + sudo reboot + +重启完成之后,你可以用同样的命令来检查glib的版本。 + +-------------------------------------------------------------------------------- + +via: http://www.ubuntugeek.com/how-to-protect-ubuntu-server-against-the-ghost-vulnerability.html + +作者:[ruchi][a] +译者:[geekpi](https://github.com/geekpi) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://www.ubuntugeek.com/author/ubuntufix +[1]:http://chargen.matasano.com/chargen/2015/1/27/vulnerability-overview-ghost-cve-2015-0235.html