Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > comp.lang.python > #85165

Re: Ghost vulnerability

Path csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!feeder.erje.net!eu.feeder.erje.net!newsfeed.xs4all.nl!newsfeed1a.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail
Return-Path <torriem+gmail@torriefamily.org>
X-Original-To python-list@python.org
Delivered-To python-list@mail.python.org
X-Spam-Status OK 0.046
X-Spam-Evidence '*H*': 0.91; '*S*': 0.00; 'fixes': 0.07; 'machines.': 0.09; 'python': 0.11; "wouldn't": 0.14; '(actually': 0.16; 'anyone?': 0.16; 'from:addr:torriem': 0.16; 'from:name:michael torrie': 0.16; 'segfault': 0.16; 'wrote:': 0.18; '>>>': 0.22; 'memory': 0.22; 'header:User-Agent:1': 0.23; 'test.': 0.24; 'header:In-Reply-To:1': 0.27; 'am,': 0.29; 'points': 0.29; "doesn't": 0.30; 'code': 0.31; '(since': 0.31; "d'aprano": 0.31; 'steven': 0.31; 'writes:': 0.31; 'running': 0.33; 'comment': 0.34; 'updated': 0.34; "can't": 0.35; 'but': 0.35; 'version': 0.36; "didn't": 0.36; 'shows': 0.36; 'message-id:@gmail.com': 0.38; 'whatever': 0.38; 'to:addr:python-list': 0.38; 'does': 0.39; 'to:addr:python.org': 0.39; 'received:org': 0.40; 'how': 0.40; 'course': 0.61; 'different': 0.65; 'charset:windows-1252': 0.65; 'due': 0.66; 'here': 0.66; 'latest': 0.67; 'lack': 0.78; 'vulnerable': 0.84
X-Virus-Scanned amavisd-new at torriefamily.org
Date Tue, 03 Feb 2015 10:31:54 -0700
From Michael Torrie <torriem@gmail.com>
User-Agent Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.4.0
MIME-Version 1.0
To python-list@python.org
Subject Re: Ghost vulnerability
References <75fe0f21-3ffb-4649-ad06-0dcbdad631fa@googlegroups.com> <vg3wq3zpbi9.fsf@coffee.modeemi.fi> <54d0aeb9$0$12994$c3e8da3$5496439d@news.astraweb.com>
In-Reply-To <54d0aeb9$0$12994$c3e8da3$5496439d@news.astraweb.com>
Content-Type text/plain; charset=windows-1252
Content-Transfer-Encoding 7bit
X-BeenThere python-list@python.org
X-Mailman-Version 2.1.15
Precedence list
List-Id General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe <https://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive <http://mail.python.org/pipermail/python-list/>
List-Post <mailto:python-list@python.org>
List-Help <mailto:python-list-request@python.org?subject=help>
List-Subscribe <https://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups comp.lang.python
Message-ID <mailman.18437.1422984725.18130.python-list@python.org> (permalink)
Lines 30
NNTP-Posting-Host 2001:888:2000:d::a6
X-Trace 1422984725 news.xs4all.nl 2858 [2001:888:2000:d::a6]:44710
X-Complaints-To abuse@xs4all.nl
Xref csiph.com comp.lang.python:85165

Show key headers only | View raw


On 02/03/2015 04:19 AM, Steven D'Aprano wrote:
> Anssi Saari wrote:
> 
>> Rustom Mody <rustompmody@gmail.com> writes:
>>
>>> How many people (actually machines) out here are vulnerable?
>>>
>>>
> http://security.stackexchange.com/questions/80210/ghost-bug-is-there-a-simple-way-to-test-if-my-system-is-secure
>>>
>>> shows a python 1-liner to check
>>
>> Does that check actually work for anyone? That code didn't segfalt on my
>> vulnerable Debian system but it did on my router which isn't (since the
>> router doesn't use glibc). Oh and of course I can't comment on
>> stinkexchange since I don't have whatever mana points they require...
> 
> Here's the one-liner:
> 
> python -c 'import socket;y="0"*50000000;socket.gethostbyname(y)'
> 
> 
> I think it is likely that y="0"*50000000 would segfault due to lack of
> memory on many machines. I wouldn't trust this as a test.

I ran it on both my servers (each running a different version of the OS)
which were recently updated to Red Hat's latest version of glibc that
fixes the problem, and both of them segfault with this one liner.

Back to comp.lang.python | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread


Thread

Ghost vulnerability Rustom Mody <rustompmody@gmail.com> - 2015-02-02 19:53 -0800
  Re: Ghost vulnerability Chris Angelico <rosuav@gmail.com> - 2015-02-03 15:38 +1100
  Re: Ghost vulnerability Anssi Saari <as@sci.fi> - 2015-02-03 11:53 +0200
    Re: Ghost vulnerability Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2015-02-03 22:19 +1100
      Re: Ghost vulnerability Michael Torrie <torriem@gmail.com> - 2015-02-03 10:31 -0700
      Re: Ghost vulnerability Anssi Saari <as@sci.fi> - 2015-02-03 21:38 +0200
        Re: Ghost vulnerability Chris Angelico <rosuav@gmail.com> - 2015-02-04 09:08 +1100
        Re: Ghost vulnerability Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2015-02-04 13:13 +1100
  Re: Ghost vulnerability Marc Aymerich <glicerinu@gmail.com> - 2015-02-03 18:47 +0100

csiph-web