Red Hat users can find more information here: GHOST: glibc vulnerability (CVE-2015-0235)
To upgrade libc on the StruxureWare Data Center Operation server:
- Open the Webmin web interface by typing https://<server-ip>:10000.
- In the left menu, select System > Upload and Download.
- Upload these 3 files GHOST libc6_2.11.3-4+deb6u4_amd64.deb libc-bin_2.11.3-4+deb6u4_amd64.deb to /tmp.
- SSH into the StruxureWare Data Center Operationserver.
If the output text is not vulnerable, you can stop here. Otherwise, continue with the steps.
The expected output from the command looks like this:
To validate the vulnerability has been resolved, execute this command:
If the output looks like this, the vulnerability has been resolved:
If the output still says vulnerable, something went wrong. Contact technical support.
The fix will work on StruxureWare Data Center Operation versions 7.2.x, 7.3.x, and 7.4.