Recently everyone is concerned about the Ghost vulnerability, CNNVD-2 0 1 5 0 1-6 5 8, In addition to in clockdiff, and procmail, and exim and other applications on the discovered vulnerabilities, yesterday security personnel found to have spread to the common on the web application, such as the famous wordpress, the wordpress in wp_http_validate_url() function, the underlying gethostbyname()of the package, and therefore also subject to the Ghost vulnerability.
The relevant code is as follows:
An attacker can insert a malicious URL to trigger this vulnerability, if the use is successful, you can get to the Server Permissions. Therefore, it is recommended you VPS webmasters, and quickly update the system patch.
If you are not using wordpress, did not dare to guarantee that other WEB applications not affected by this vulnerability. You can use the following command to test:
If it returns a Segmentation fault, indicating the presence of vulnerabilities.