Path: csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!feeder.erje.net!eu.feeder.erje.net!newsfeed.xs4all.nl!newsfeed1.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.096 X-Spam-Evidence: '*H*': 0.81; '*S*': 0.00; 'cc:addr:python-list': 0.11; 'python': 0.11; '(actually': 0.16; 'segfault': 0.16; 'wrote:': 0.18; 'feb': 0.22; 'machine': 0.22; 'email addr:gmail.com>': 0.22; 'proposed': 0.22; 'cc:addr:python.org': 0.22; 'cc:2**0': 0.24; 'url:edu': 0.26; 'header:In-Reply-To:1': 0.27; 'am,': 0.29; 'message-id:@mail.gmail.com': 0.30; "i'm": 0.30; 'url:mailman': 0.30; 'fault': 0.31; 'gcc': 0.31; 'marc': 0.31; 'url:python': 0.33; 'test': 0.35; 'received:google.com': 0.35; 'skip:s 60': 0.36; 'url:downloads': 0.36; 'url:listinfo': 0.36; 'shows': 0.36; 'url:org': 0.36; 'experience,': 0.37; 'reports': 0.37; 'does': 0.39; 'url:mail': 0.40; 'how': 0.40; 'here': 0.66; 'url:c': 0.67; '2015': 0.84; 'url:itservices': 0.84; 'vulnerable': 0.84; 'to:none': 0.92 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:cc :content-type; bh=reFCIYsBx/VETzfM5ru0tRHjbieS7HNkk0OJVsqIjUQ=; b=qmjy8beNUqnKwYZgjaH/U8E/zZrHkhT1O4zaP5epGRRPG8fg4ZcbeWo2jlvE/Epx1k xYzouBOAPBFZHhJ4VRARvMpbUncGtmK3JzJzgQCaZtPJRZZI4Ojt5GyWdNLf5Uv6rVmU ASPjtnyq0xgNwRZ7YMG5iVqXzy+ocLzQ6+ZyZdVQJq3lHP5jKK1QR7kMU1fTCo+kJut6 8PqJF4Wy2bY1Sa7z4Jq6Ax1ixqDo2EClM9MYak0sC1QUs7sNdK3IAHea8rKgB/mcdKTy Z6zDQMeiOztXikd731bskQ3tbnIQGRHzPQuO9a6ULRe8eIl5vFhtSubc0b6hRgdE2eOy vKSw== X-Received: by 10.107.154.17 with SMTP id c17mr29801285ioe.74.1422985642483; Tue, 03 Feb 2015 09:47:22 -0800 (PST) MIME-Version: 1.0 In-Reply-To: <75fe0f21-3ffb-4649-ad06-0dcbdad631fa@googlegroups.com> References: <75fe0f21-3ffb-4649-ad06-0dcbdad631fa@googlegroups.com> From: Marc Aymerich Date: Tue, 3 Feb 2015 18:47:02 +0100 Subject: Re: Ghost vulnerability Cc: "comp.lang.python" Content-Type: multipart/alternative; boundary=001a1140fae8bda57b050e32a96a X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 72 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1422985645 news.xs4all.nl 2879 [2001:888:2000:d::a6]:50363 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:85167 --001a1140fae8bda57b050e32a96a Content-Type: text/plain; charset=UTF-8 On Tue, Feb 3, 2015 at 4:53 AM, Rustom Mody wrote: > How many people (actually machines) out here are vulnerable? > > > http://security.stackexchange.com/questions/80210/ghost-bug-is-there-a-simple-way-to-test-if-my-system-is-secure > > shows a python 1-liner to check > -- > https://mail.python.org/mailman/listinfo/python-list > Not very reliable in my experience, this python test does segfault on my *patched* Debian machine root@web:~# python -c 'import socket;y="0"*50000000;socket.gethostbyname(y)' Segmentation fault However, the other test proposed on stackechange correctly reports that I'm not vulnerable ;) root@web:/tmp# wget https://webshare.uchicago.edu/orgs/ITServices/itsec/Downloads/GHOST.c root@web:/tmp# gcc GHOST.c -o GHOST root@web:/tmp# ./GHOST not vulnerable -- Marc --001a1140fae8bda57b050e32a96a Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable


On Tue, Feb 3, 2015 at 4:53 AM, Rustom Mody <rustompmody@gmail.com= > wrote:
How many people (actually machin= es) out here are vulnerable?

http://= security.stackexchange.com/questions/80210/ghost-bug-is-there-a-simple-way-= to-test-if-my-system-is-secure

shows a python 1-liner to check
--
https://mail.python.org/mailman/listinfo/python-list



= Not very reliable in my experience,

this python te= st does segfault on my *patched* Debian machine

root@web:~# python -c 'import socket;y=3D"0"*50000000;sock= et.gethostbyname(y)'
Segmentation fault
=
However, the other test proposed on stackechange correctly r= eports that I'm not vulnerable ;)=C2=A0
root@web:/tmp# wget <= a href=3D"https://webshare.uchicago.edu/orgs/ITServices/itsec/Downloads/GHO= ST.c">https://webshare.uchicago.edu/orgs/ITServices/itsec/Downloads/GHOST.c=
root@web:/tmp# gcc GHOST.c -o GHOST
root@web:/= tmp# ./GHOST=C2=A0
not vulnerable

=
--
Marc
--001a1140fae8bda57b050e32a96a--