Reading further, I find that articles like this highlight the point that the danger of this vulnerability is limited, since initially there can only be 4 to 8 bytes of code execution, and additional coding is necessary to further take advantage of this.
There is a Proof-of-Concept demonstrating an exploit with the Exim mail server in this python script, with futher explanation here. In this example the attacker can retreive the
segmentation fault error of the server remotely.
This is only a Exmin specific exploit, but opens up possibilities of other softwares having similar(or worse) exploits.
Protecting yourself against it
Amazon came out with a patch already.
So any of us using Amazon Linux AMI should go ahead and patch this up by
yum clean all yum update glibc
Check that the glibc update version is
After that, reboot your instance for everything to take effect.
It takes some work to remove each production server from the load balancer, patch & restart it, then attach it back on to the load balancer… this took me some time and effort. I wish there is a way to do this more easily. Maybe it calls for some automation.
Oh well. Since we’ve seen Heartbleed, Shellshock, and POODLE already in this past year or two, I’m pretty sure we’ll run ino more.
And I think that is a good thing, because we all are benefiting from vulnerabilities being patched up and in result refining the software the community uses.