一、检测glibc漏洞
1、# wget https://webshare.uchicago.edu/orgs/ITServices/itsec/Downloads/GHOST.c
2、# gcc -o GHOST GHOST.c
3、#./GHOST
vulnerable //存在glibc漏洞
二、下载glibc升级包:
wget http://public-yum.oracle.com/repo/EnterpriseLinux/EL4/latest/i386/getPackage/glibc-2.3.4-2.57.0.1.el4.1.i386.rpm
wget http://public-yum.oracle.com/repo/EnterpriseLinux/EL4/latest/i386/getPackage/glibc-2.3.4-2.57.0.1.el4.1.i686.rpm
wget http://public-yum.oracle.com/repo/EnterpriseLinux/EL4/latest/i386/getPackage/glibc-common-2.3.4-2.57.0.1.el4.1.i386.rpm
wget http://public-yum.oracle.com/repo/EnterpriseLinux/EL4/latest/i386/getPackage/glibc-devel-2.3.4-2.57.0.1.el4.1.i386.rpm
wget http://public-yum.oracle.com/repo/EnterpriseLinux/EL4/latest/i386/getPackage/glibc-headers-2.3.4-2.57.0.1.el4.1.i386.rpm
wget http://public-yum.oracle.com/repo/EnterpriseLinux/EL4/latest/i386/getPackage/glibc-profile-2.3.4-2.57.0.1.el4.1.i386.rpm
wget http://public-yum.oracle.com/repo/EnterpriseLinux/EL4/latest/i386/getPackage/glibc-utils-2.3.4-2.57.0.1.el4.1.i386.rpm
wget http://public-yum.oracle.com/repo/EnterpriseLinux/EL4/latest/i386/getPackage/nscd-2.3.4-2.57.0.1.el4.1.i386.rpm
三、升级glibc软件包:
# rpm -Fvh *.rpm
warning: glibc-2.3.4-2.57.0.1.el4.1.i386.rpm: V3 DSA signature: NOKEY, key ID b38a8516
warning: package glibc = 2.3.4-2.57.0.1.el4.1 was already added, replacing with glibc <= 2.3.4-2.57.0.1.el4.1
Preparing... ########################################### [100%]
1:glibc-common ########################################### [ 20%]
2:glibc ########################################### [ 40%]
Stopping sshd:[ OK ]
Starting sshd:[ OK ]
3:glibc-headers ########################################### [ 60%]
4:glibc-devel ########################################### [ 80%]
5:nscd ########################################### [100%]
四、重启操作系统
# reboot
五、检测glibc漏洞
# ./GHOST
not vulnerable //已经不存在glibc幽灵漏洞
原文:http://blog.chinaunix.net/uid-7270462-id-4815638.html