{"id":477344,"date":"2023-08-09T09:11:34","date_gmt":"2023-08-09T09:11:34","guid":{"rendered":""},"modified":"2023-09-05T11:14:32","modified_gmt":"2023-09-05T11:14:32","slug":"ghost-bug","status":"publish","type":"wiki","link":"https:\/\/oneproxy.pro\/vn\/wiki\/ghost-bug\/","title":{"rendered":"l\u1ed7i ma"},"content":{"rendered":"<p>L\u1ed7i GHOST l\u00e0 m\u1ed9t l\u1ed7 h\u1ed5ng nghi\u00eam tr\u1ecdng trong Th\u01b0 vi\u1ec7n GNU C (glibc), m\u1ed9t th\u00e0nh ph\u1ea7n ch\u00ednh c\u1ee7a nhi\u1ec1u h\u1ec7 \u0111i\u1ec1u h\u00e0nh d\u1ef1a tr\u00ean Linux. N\u00f3 \u0111\u01b0\u1ee3c ph\u00e1t hi\u1ec7n v\u00e0o \u0111\u1ea7u n\u0103m 2015 v\u00e0 nhanh ch\u00f3ng thu h\u00fat \u0111\u01b0\u1ee3c s\u1ef1 ch\u00fa \u00fd do c\u00f3 kh\u1ea3 n\u0103ng th\u1ef1c thi m\u00e3 t\u1eeb xa tr\u00ean c\u00e1c h\u1ec7 th\u1ed1ng b\u1ecb \u1ea3nh h\u01b0\u1edfng. L\u1ed7i n\u00e0y \u0111\u01b0\u1ee3c \u0111\u1eb7t t\u00ean t\u1eeb vi\u1ec7c khai th\u00e1c c\u00e1c h\u00e0m GetHOST (do \u0111\u00f3 l\u00e0 GHOST), \u0111\u01b0\u1ee3c ph\u00e1t hi\u1ec7n c\u00f3 l\u1ed7 h\u1ed5ng tr\u00e0n b\u1ed9 \u0111\u1ec7m.<\/p>\n<h2>L\u1ecbch s\u1eed ngu\u1ed3n g\u1ed1c c\u1ee7a l\u1ed7i GHOST v\u00e0 l\u1ea7n \u0111\u1ea7u ti\u00ean nh\u1eafc \u0111\u1ebfn n\u00f3<\/h2>\n<p>L\u1ed7i GHOST l\u1ea7n \u0111\u1ea7u ti\u00ean \u0111\u01b0\u1ee3c x\u00e1c \u0111\u1ecbnh v\u00e0o ng\u00e0y 27 th\u00e1ng 1 n\u0103m 2015 b\u1edfi c\u00e1c nh\u00e0 nghi\u00ean c\u1ee9u t\u1eeb c\u00f4ng ty b\u1ea3o m\u1eadt Qualys. Nh\u00f3m Qualys c\u00f3 tr\u00e1ch nhi\u1ec7m ti\u1ebft l\u1ed9 l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt cho c\u00e1c nh\u00e0 b\u1ea3o tr\u00ec glibc v\u00e0 Trung t\u00e2m T\u00edch h\u1ee3p Truy\u1ec1n th\u00f4ng v\u00e0 An ninh M\u1ea1ng Qu\u1ed1c gia (NCCIC) tr\u01b0\u1edbc khi c\u00f4ng b\u1ed1 r\u1ed9ng r\u00e3i v\u00e0o ng\u00e0y 27 th\u00e1ng 1 n\u0103m 2015. H\u00e0nh \u0111\u1ed9ng k\u1ecbp th\u1eddi n\u00e0y cho ph\u00e9p c\u00e1c qu\u1ea3n tr\u1ecb vi\u00ean v\u00e0 nh\u00e0 ph\u00e1t tri\u1ec3n h\u1ec7 th\u1ed1ng \u0111\u01b0\u1ee3c th\u00f4ng b\u00e1o v\u00e0 n\u1ed7 l\u1ef1c gi\u1ea3m thi\u1ec3u s\u1ef1 c\u1ed1.<\/p>\n<h2>Th\u00f4ng tin chi ti\u1ebft v\u1ec1 l\u1ed7i GHOST. M\u1edf r\u1ed9ng ch\u1ee7 \u0111\u1ec1 l\u1ed7i GHOST<\/h2>\n<p>L\u1ed7i GHOST ch\u1ee7 y\u1ebfu l\u00e0 l\u1ed7 h\u1ed5ng tr\u00e0n b\u1ed9 \u0111\u1ec7m t\u1ed3n t\u1ea1i trong h\u00e0m __nss_hostname_digits_dots() c\u1ee7a th\u01b0 vi\u1ec7n glibc. Khi m\u1ed9t ch\u01b0\u01a1ng tr\u00ecnh \u0111\u01b0a ra y\u00eau c\u1ea7u DNS, ch\u1ee9c n\u0103ng n\u00e0y ch\u1ecbu tr\u00e1ch nhi\u1ec7m x\u1eed l\u00fd qu\u00e1 tr\u00ecnh ph\u00e2n gi\u1ea3i t\u00ean m\u00e1y ch\u1ee7. Tuy nhi\u00ean, do x\u00e1c th\u1ef1c \u0111\u1ea7u v\u00e0o kh\u00f4ng \u0111\u00fang c\u00e1ch, k\u1ebb t\u1ea5n c\u00f4ng t\u1eeb xa c\u00f3 th\u1ec3 cung c\u1ea5p t\u00ean m\u00e1y ch\u1ee7 \u0111\u01b0\u1ee3c t\u1ea1o \u0111\u1eb7c bi\u1ec7t, d\u1eabn \u0111\u1ebfn tr\u00e0n b\u1ed9 \u0111\u1ec7m. S\u1ef1 tr\u00e0n n\u00e0y c\u00f3 th\u1ec3 d\u1eabn \u0111\u1ebfn vi\u1ec7c th\u1ef1c thi m\u00e3 t\u00f9y \u00fd, cho ph\u00e9p k\u1ebb t\u1ea5n c\u00f4ng truy c\u1eadp tr\u00e1i ph\u00e9p v\u00e0o h\u1ec7 th\u1ed1ng b\u1ecb \u1ea3nh h\u01b0\u1edfng.<\/p>\n<p>L\u1ed7 h\u1ed5ng n\u00e0y \u0111\u1eb7c bi\u1ec7t nguy hi\u1ec3m v\u00ec n\u00f3 \u1ea3nh h\u01b0\u1edfng \u0111\u1ebfn nhi\u1ec1u h\u1ec7 th\u1ed1ng Linux, bao g\u1ed3m c\u1ea3 nh\u1eefng m\u00e1y ch\u1ee7 web \u0111ang ch\u1ea1y, m\u00e1y ch\u1ee7 email v\u00e0 c\u00e1c d\u1ecbch v\u1ee5 quan tr\u1ecdng kh\u00e1c. V\u00ec glibc l\u00e0 m\u1ed9t th\u01b0 vi\u1ec7n thi\u1ebft y\u1ebfu \u0111\u01b0\u1ee3c nhi\u1ec1u \u1ee9ng d\u1ee5ng s\u1eed d\u1ee5ng n\u00ean t\u00e1c \u0111\u1ed9ng ti\u1ec1m t\u00e0ng c\u1ee7a l\u1ed7i n\u00e0y l\u00e0 r\u1ea5t l\u1edbn.<\/p>\n<h2>C\u1ea5u tr\u00fac b\u00ean trong c\u1ee7a l\u1ed7i GHOST. L\u1ed7i GHOST ho\u1ea1t \u0111\u1ed9ng nh\u01b0 th\u1ebf n\u00e0o<\/h2>\n<p>\u0110\u1ec3 hi\u1ec3u c\u1ea5u tr\u00fac b\u00ean trong c\u1ee7a l\u1ed7i GHOST, \u0111i\u1ec1u quan tr\u1ecdng l\u00e0 ph\u1ea3i \u0111i s\u00e2u v\u00e0o chi ti\u1ebft k\u1ef9 thu\u1eadt. Khi m\u1ed9t ch\u01b0\u01a1ng tr\u00ecnh g\u1ecdi h\u00e0m __nss_hostname_digits_dots() d\u1ec5 b\u1ecb t\u1ea5n c\u00f4ng \u0111\u1ec3 ph\u00e2n gi\u1ea3i t\u00ean m\u00e1y ch\u1ee7, h\u00e0m n\u00e0y s\u1ebd g\u1ecdi n\u1ed9i b\u1ed9 h\u00e0m gethostbyname*(). H\u00e0m n\u00e0y l\u00e0 m\u1ed9t ph\u1ea7n c\u1ee7a h\u1ecd getaddrinfo(), \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng \u0111\u1ec3 ph\u00e2n gi\u1ea3i \u0111\u1ecba ch\u1ec9 t\u00ean m\u00e1y ch\u1ee7 th\u00e0nh \u0111\u1ecba ch\u1ec9 IP.<\/p>\n<p>L\u1ed7 h\u1ed5ng n\u1eb1m \u1edf c\u00e1ch h\u00e0m x\u1eed l\u00fd c\u00e1c gi\u00e1 tr\u1ecb s\u1ed1 trong t\u00ean m\u00e1y ch\u1ee7. N\u1ebfu t\u00ean m\u00e1y ch\u1ee7 ch\u1ee9a m\u1ed9t gi\u00e1 tr\u1ecb s\u1ed1 theo sau l\u00e0 d\u1ea5u ch\u1ea5m th\u00ec h\u00e0m s\u1ebd hi\u1ec3u nh\u1ea7m n\u00f3 l\u00e0 \u0111\u1ecba ch\u1ec9 IPv4. \u0110i\u1ec1u n\u00e0y d\u1eabn \u0111\u1ebfn tr\u00e0n b\u1ed9 \u0111\u1ec7m khi h\u00e0m n\u00e0y c\u1ed1 g\u1eafng l\u01b0u tr\u1eef \u0111\u1ecba ch\u1ec9 IPv4 v\u00e0o b\u1ed9 \u0111\u1ec7m kh\u00f4ng \u0111\u1ee7 l\u1edbn \u0111\u1ec3 ch\u1ee9a n\u00f3.<\/p>\n<p>Do \u0111\u00f3, k\u1ebb t\u1ea5n c\u00f4ng c\u00f3 th\u1ec3 t\u1ea1o m\u1ed9t t\u00ean m\u00e1y ch\u1ee7 \u0111\u1ed9c h\u1ea1i, khi\u1ebfn h\u00e0m d\u1ec5 b\u1ecb t\u1ed5n th\u01b0\u01a1ng ghi \u0111\u00e8 l\u00ean c\u00e1c v\u1ecb tr\u00ed b\u1ed9 nh\u1edb l\u00e2n c\u1eadn, c\u00f3 kh\u1ea3 n\u0103ng cho ph\u00e9p ch\u00fang th\u1ef1c thi m\u00e3 t\u00f9y \u00fd ho\u1eb7c l\u00e0m h\u1ecfng ch\u01b0\u01a1ng tr\u00ecnh.<\/p>\n<h2>Ph\u00e2n t\u00edch c\u00e1c t\u00ednh n\u0103ng ch\u00ednh c\u1ee7a l\u1ed7i GHOST<\/h2>\n<p>C\u00e1c t\u00ednh n\u0103ng ch\u00ednh c\u1ee7a l\u1ed7i GHOST bao g\u1ed3m:<\/p>\n<ol>\n<li>\n<p><strong>L\u1ed7 h\u1ed5ng tr\u00e0n b\u1ed9 \u0111\u1ec7m<\/strong>: V\u1ea5n \u0111\u1ec1 c\u1ed1t l\u00f5i c\u1ee7a l\u1ed7i GHOST n\u1eb1m \u1edf l\u1ed7i tr\u00e0n b\u1ed9 \u0111\u1ec7m b\u00ean trong h\u00e0m __nss_hostname_digits_dots(), cho ph\u00e9p th\u1ef1c thi m\u00e3 tr\u00e1i ph\u00e9p.<\/p>\n<\/li>\n<li>\n<p><strong>Th\u1ef1c thi m\u00e3 t\u1eeb xa<\/strong>: L\u1ed7i n\u00e0y c\u00f3 th\u1ec3 b\u1ecb khai th\u00e1c t\u1eeb xa, khi\u1ebfn n\u00f3 tr\u1edf th\u00e0nh m\u1ed1i \u0111e d\u1ecda b\u1ea3o m\u1eadt nghi\u00eam tr\u1ecdng v\u00ec k\u1ebb t\u1ea5n c\u00f4ng c\u00f3 th\u1ec3 gi\u00e0nh quy\u1ec1n ki\u1ec3m so\u00e1t c\u00e1c h\u1ec7 th\u1ed1ng b\u1ecb \u1ea3nh h\u01b0\u1edfng t\u1eeb xa.<\/p>\n<\/li>\n<li>\n<p><strong>Nhi\u1ec1u h\u1ec7 th\u1ed1ng b\u1ecb \u1ea3nh h\u01b0\u1edfng<\/strong>: L\u1ed7 h\u1ed5ng n\u00e0y \u1ea3nh h\u01b0\u1edfng \u0111\u1ebfn nhi\u1ec1u b\u1ea3n ph\u00e2n ph\u1ed1i Linux v\u00e0 \u1ee9ng d\u1ee5ng s\u1eed d\u1ee5ng th\u01b0 vi\u1ec7n glibc d\u1ec5 b\u1ecb t\u1ea5n c\u00f4ng.<\/p>\n<\/li>\n<li>\n<p><strong>C\u00e1c d\u1ecbch v\u1ee5 quan tr\u1ecdng c\u00f3 nguy c\u01a1<\/strong>: Nhi\u1ec1u m\u00e1y ch\u1ee7 ch\u1ea1y c\u00e1c d\u1ecbch v\u1ee5 thi\u1ebft y\u1ebfu d\u1ec5 b\u1ecb t\u1ea5n c\u00f4ng, g\u00e2y r\u1ee7i ro \u0111\u00e1ng k\u1ec3 cho c\u01a1 s\u1edf h\u1ea1 t\u1ea7ng tr\u1ef1c tuy\u1ebfn.<\/p>\n<\/li>\n<\/ol>\n<h2>C\u00e1c lo\u1ea1i l\u1ed7i GHOST<\/h2>\n<p>L\u1ed7i GHOST kh\u00f4ng c\u00f3 c\u00e1c bi\u1ebfn th\u1ec3 kh\u00e1c nhau; tuy nhi\u00ean, t\u00e1c \u0111\u1ed9ng c\u1ee7a n\u00f3 c\u00f3 th\u1ec3 kh\u00e1c nhau t\u00f9y thu\u1ed9c v\u00e0o h\u1ec7 th\u1ed1ng b\u1ecb \u1ea3nh h\u01b0\u1edfng v\u00e0 m\u1ee5c ti\u00eau c\u1ee7a k\u1ebb t\u1ea5n c\u00f4ng. N\u00f3i chung, ch\u1ec9 c\u00f3 m\u1ed9t phi\u00ean b\u1ea3n c\u1ee7a l\u1ed7i GHOST, \u0111\u1eb7c tr\u01b0ng b\u1edfi l\u1ed7i tr\u00e0n b\u1ed9 \u0111\u1ec7m trong h\u00e0m __nss_hostname_digits_dots().<\/p>\n<h2>C\u00e1c c\u00e1ch s\u1eed d\u1ee5ng GHOST l\u1ed7i, c\u00e1c v\u1ea5n \u0111\u1ec1 v\u00e0 gi\u1ea3i ph\u00e1p kh\u1eafc ph\u1ee5c li\u00ean quan \u0111\u1ebfn vi\u1ec7c s\u1eed d\u1ee5ng<\/h2>\n<p>L\u1ed7i GHOST ch\u1ee7 y\u1ebfu b\u1ecb khai th\u00e1c th\u00f4ng qua vi\u1ec7c thao t\u00fang c\u00e1c y\u00eau c\u1ea7u DNS, l\u1ee3i d\u1ee5ng t\u00ecnh tr\u1ea1ng tr\u00e0n b\u1ed9 \u0111\u1ec7m c\u1ee7a h\u00e0m __nss_hostname_digits_dots(). Sau khi k\u1ebb t\u1ea5n c\u00f4ng x\u00e1c \u0111\u1ecbnh \u0111\u01b0\u1ee3c c\u00e1c h\u1ec7 th\u1ed1ng d\u1ec5 b\u1ecb t\u1ea5n c\u00f4ng, ch\u00fang c\u00f3 th\u1ec3 t\u1ea1o t\u00ean m\u00e1y ch\u1ee7 \u0111\u1ed9c h\u1ea1i v\u00e0 s\u1eed d\u1ee5ng ch\u00fang \u0111\u1ec3 k\u00edch ho\u1ea1t l\u1ed7 h\u1ed5ng.<\/p>\n<p>Vi\u1ec7c gi\u1ea3i quy\u1ebft l\u1ed7i GHOST y\u00eau c\u1ea7u c\u1eadp nh\u1eadt k\u1ecbp th\u1eddi t\u1eeb c\u00e1c nh\u00e0 cung c\u1ea5p h\u1ec7 \u0111i\u1ec1u h\u00e0nh v\u00e0 nh\u00e0 ph\u00e1t tri\u1ec3n \u1ee9ng d\u1ee5ng. H\u1ecd c\u1ea7n k\u1ebft h\u1ee3p c\u00e1c phi\u00ean b\u1ea3n glibc \u0111\u00e3 v\u00e1 \u0111\u1ec3 kh\u1eafc ph\u1ee5c l\u1ed7 h\u1ed5ng. Qu\u1ea3n tr\u1ecb vi\u00ean h\u1ec7 th\u1ed1ng c\u0169ng \u0111\u00f3ng m\u1ed9t vai tr\u00f2 quan tr\u1ecdng b\u1eb1ng c\u00e1ch c\u1eadp nh\u1eadt h\u1ec7 th\u1ed1ng c\u1ee7a h\u1ecd v\u00e0 th\u1ef1c hi\u1ec7n c\u00e1c bi\u1ec7n ph\u00e1p b\u1ea3o m\u1eadt th\u00edch h\u1ee3p.<\/p>\n<h2>C\u00e1c \u0111\u1eb7c \u0111i\u1ec3m ch\u00ednh v\u00e0 so s\u00e1nh kh\u00e1c v\u1edbi c\u00e1c thu\u1eadt ng\u1eef t\u01b0\u01a1ng t\u1ef1 d\u01b0\u1edbi d\u1ea1ng b\u1ea3ng v\u00e0 danh s\u00e1ch<\/h2>\n<table>\n<thead>\n<tr>\n<th>\u0111\u1eb7c tr\u01b0ng<\/th>\n<th>L\u1ed7i ma<\/th>\n<th>ch\u1ea3y m\u00e1u tim<\/th>\n<th>Shellshock<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>Lo\u1ea1i l\u1ed7 h\u1ed5ng<\/td>\n<td>Tr\u00e0n b\u1ed9 nh\u1edb<\/td>\n<td>R\u00f2 r\u1ec9 th\u00f4ng tin (B\u1ed9 nh\u1edb b\u1ecb \u0111\u1ecdc qu\u00e1 m\u1ee9c)<\/td>\n<td>L\u1ec7nh ti\u00eam<\/td>\n<\/tr>\n<tr>\n<td>N\u0103m kh\u00e1m ph\u00e1<\/td>\n<td>2015<\/td>\n<td>2014<\/td>\n<td>2014<\/td>\n<\/tr>\n<tr>\n<td>Ph\u1ea7n m\u1ec1m b\u1ecb \u1ea3nh h\u01b0\u1edfng<\/td>\n<td>th\u01b0 vi\u1ec7n glibc<\/td>\n<td>OpenSSL<\/td>\n<td>v\u1ecf s\u00f2<\/td>\n<\/tr>\n<tr>\n<td>Ph\u1ea1m vi t\u00e1c \u0111\u1ed9ng<\/td>\n<td>H\u1ec7 th\u1ed1ng d\u1ef1a tr\u00ean Linux<\/td>\n<td>M\u00e1y ch\u1ee7 web, VPN, thi\u1ebft b\u1ecb IoT<\/td>\n<td>H\u1ec7 th\u1ed1ng d\u1ef1a tr\u00ean Unix<\/td>\n<\/tr>\n<tr>\n<td>\u0110\u1ed9 ph\u1ee9c t\u1ea1p khai th\u00e1c<\/td>\n<td>T\u01b0\u01a1ng \u0111\u1ed1i ph\u1ee9c t\u1ea1p<\/td>\n<td>T\u01b0\u01a1ng \u0111\u1ed1i \u0111\u01a1n gi\u1ea3n<\/td>\n<td>T\u01b0\u01a1ng \u0111\u1ed1i \u0111\u01a1n gi\u1ea3n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>Vi\u1ec5n c\u1ea3nh v\u00e0 c\u00f4ng ngh\u1ec7 t\u01b0\u01a1ng lai li\u00ean quan \u0111\u1ebfn l\u1ed7i GHOST<\/h2>\n<p>K\u1ec3 t\u1eeb khi \u0111\u01b0\u1ee3c ph\u00e1t hi\u1ec7n, l\u1ed7i GHOST \u0111\u00e3 tr\u1edf th\u00e0nh b\u00e0i h\u1ecdc cho c\u00e1c nh\u00e0 ph\u00e1t tri\u1ec3n v\u00e0 qu\u1ea3n tr\u1ecb vi\u00ean h\u1ec7 th\u1ed1ng \u01b0u ti\u00ean c\u00e1c bi\u1ec7n ph\u00e1p b\u1ea3o m\u1eadt v\u00e0 nh\u1eafc nh\u1edf c\u1eadp nh\u1eadt ph\u1ea7n m\u1ec1m. V\u1ee5 vi\u1ec7c \u0111\u00e3 d\u1eabn \u0111\u1ebfn vi\u1ec7c t\u0103ng c\u01b0\u1eddng gi\u00e1m s\u00e1t c\u00e1c th\u01b0 vi\u1ec7n c\u1ed1t l\u00f5i v\u00e0 t\u0103ng c\u01b0\u1eddng n\u1ed7 l\u1ef1c c\u1ea3i thi\u1ec7n t\u00ednh b\u1ea3o m\u1eadt c\u1ee7a m\u00e3.<\/p>\n<p>Nh\u00ecn v\u1ec1 t\u01b0\u01a1ng lai, ch\u00fang ta c\u00f3 th\u1ec3 mong \u0111\u1ee3i s\u1ef1 t\u1eadp trung nhi\u1ec1u h\u01a1n n\u1eefa v\u00e0o c\u00e1c bi\u1ec7n ph\u00e1p b\u1ea3o m\u1eadt m\u1ea1nh m\u1ebd, ki\u1ec3m tra m\u00e3 th\u01b0\u1eddng xuy\u00ean v\u00e0 \u0111\u00e1nh gi\u00e1 l\u1ed7 h\u1ed5ng. B\u1ed1i c\u1ea3nh an ninh m\u1ea1ng s\u1ebd ti\u1ebfp t\u1ee5c ph\u00e1t tri\u1ec3n v\u00e0 c\u00e1c t\u1ed5 ch\u1ee9c s\u1ebd c\u1ea7n ph\u1ea3i lu\u00f4n c\u1ea3nh gi\u00e1c v\u00e0 ch\u1ee7 \u0111\u1ed9ng \u0111\u1ec3 ch\u1ed1ng l\u1ea1i c\u00e1c m\u1ed1i \u0111e d\u1ecda m\u1edbi n\u1ed5i.<\/p>\n<h2>C\u00e1ch m\u00e1y ch\u1ee7 proxy c\u00f3 th\u1ec3 \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng ho\u1eb7c li\u00ean k\u1ebft v\u1edbi l\u1ed7i GHOST<\/h2>\n<p>C\u00e1c m\u00e1y ch\u1ee7 proxy, gi\u1ed1ng nh\u01b0 c\u00e1c m\u00e1y ch\u1ee7 do OneProxy cung c\u1ea5p, c\u00f3 th\u1ec3 \u0111\u00f3ng vai tr\u00f2 gi\u1ea3m thi\u1ec3u t\u00e1c \u0111\u1ed9ng c\u1ee7a l\u1ed7i GHOST. B\u1eb1ng c\u00e1ch \u0111\u1ecbnh tuy\u1ebfn l\u01b0u l\u01b0\u1ee3ng truy c\u1eadp web th\u00f4ng qua m\u00e1y ch\u1ee7 proxy, h\u1ec7 th\u1ed1ng c\u1ee7a kh\u00e1ch h\u00e0ng c\u00f3 th\u1ec3 \u0111\u01b0\u1ee3c b\u1ea3o v\u1ec7 kh\u1ecfi b\u1ecb ti\u1ebfp x\u00fac tr\u1ef1c ti\u1ebfp v\u1edbi c\u00e1c th\u01b0 vi\u1ec7n glibc d\u1ec5 b\u1ecb t\u1ea5n c\u00f4ng. Proxy \u0111\u00f3ng vai tr\u00f2 trung gian gi\u1eefa m\u00e1y kh\u00e1ch v\u00e0 m\u00e1y ch\u1ee7, cung c\u1ea5p l\u1edbp b\u1ea3o m\u1eadt b\u1ed5 sung b\u1eb1ng c\u00e1ch l\u1ecdc c\u00e1c y\u00eau c\u1ea7u \u0111\u1ed9c h\u1ea1i.<\/p>\n<p>Tuy nhi\u00ean, \u0111i\u1ec1u quan tr\u1ecdng c\u1ea7n nh\u1edb l\u00e0 proxy kh\u00f4ng ph\u1ea3i l\u00e0 gi\u1ea3i ph\u00e1p tr\u1ef1c ti\u1ebfp \u0111\u1ec3 kh\u1eafc ph\u1ee5c l\u1ed7 h\u1ed5ng. Ch\u00fang n\u00ean \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng k\u1ebft h\u1ee3p v\u1edbi c\u00e1c bi\u1ec7n ph\u00e1p b\u1ea3o m\u1eadt kh\u00e1c v\u00e0 c\u1eadp nh\u1eadt ph\u1ea7n m\u1ec1m th\u01b0\u1eddng xuy\u00ean \u0111\u1ec3 \u0111\u1ea3m b\u1ea3o b\u1ea3o v\u1ec7 to\u00e0n di\u1ec7n tr\u01b0\u1edbc c\u00e1c m\u1ed1i \u0111e d\u1ecda ti\u1ec1m \u1ea9n nh\u01b0 l\u1ed7i GHOST.<\/p>\n<h2>Li\u00ean k\u1ebft li\u00ean quan<\/h2>\n<p>\u0110\u1ec3 bi\u1ebft th\u00eam th\u00f4ng tin v\u1ec1 l\u1ed7i GHOST v\u00e0 t\u00e1c \u0111\u1ed9ng c\u1ee7a n\u00f3, b\u1ea1n c\u00f3 th\u1ec3 tham kh\u1ea3o c\u00e1c t\u00e0i nguy\u00ean sau:<\/p>\n<ol>\n<li>T\u01b0 v\u1ea5n b\u1ea3o m\u1eadt c\u1ee7a Qualys: <a href=\"https:\/\/www.qualys.com\/2015\/01\/27\/cve-2015-0235-ghost\/\" target=\"_new\" rel=\"noopener nofollow\">https:\/\/www.qualys.com\/2015\/01\/27\/cve-2015-0235-ghost\/<\/a><\/li>\n<li>M\u1ee5c nh\u1eadp C\u01a1 s\u1edf d\u1eef li\u1ec7u v\u1ec1 l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt qu\u1ed1c gia (NVD): <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-0235\" target=\"_new\" rel=\"noopener nofollow\">https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-0235<\/a><\/li>\n<li>Blog b\u1ea3o m\u1eadt Linux: <a href=\"https:\/\/www.linuxsecurity.com\/features\/features\/ghost-cve-2015-0235-the-linux-implementation-of-the-secure-hypertext-transfer-protocol-7252\" target=\"_new\" rel=\"noopener nofollow\">https:\/\/www.linuxsecurity.com\/features\/features\/ghost-cve-2015-0235-the-linux-implementation-of-the-secure-hypertext-transfer-protocol-7252<\/a><\/li>\n<\/ol>\n<p>H\u00e3y nh\u1edb r\u1eb1ng vi\u1ec7c c\u1eadp nh\u1eadt k\u1ecbp th\u1eddi v\u00e0 c\u1eadp nh\u1eadt h\u1ec7 th\u1ed1ng c\u1ee7a b\u1ea1n l\u00e0 nh\u1eefng b\u01b0\u1edbc quan tr\u1ecdng \u0111\u1ec3 duy tr\u00ec s\u1ef1 hi\u1ec7n di\u1ec7n tr\u1ef1c tuy\u1ebfn an to\u00e0n khi \u0111\u1ed1i m\u1eb7t v\u1edbi c\u00e1c l\u1ed7 h\u1ed5ng ti\u1ec1m \u1ea9n nh\u01b0 l\u1ed7i GHOST.<\/p>","protected":false},"featured_media":0,"menu_order":0,"template":"","meta":{"_acf_changed":false,"content-type":"","inline_featured_image":false,"footnotes":""},"class_list":["post-477344","wiki","type-wiki","status-publish","hentry"],"acf":{"faq_title":"Frequently Asked Questions about <mark>GHOST Bug: A Comprehensive Analysis<\/mark>","faq_items":[{"question":"What is the GHOST bug?","answer":"<p>The GHOST bug is a critical vulnerability in the GNU C Library (glibc) found in many Linux-based operating systems. It was discovered in 2015 and allows attackers to execute arbitrary code remotely.<\/p>"},{"question":"Who discovered the GHOST bug and when was it first mentioned?","answer":"<p>The GHOST bug was identified by researchers from Qualys on January 27, 2015. They responsibly disclosed the vulnerability to glibc maintainers and the NCCIC before publicly announcing it.<\/p>"},{"question":"How does the GHOST bug work?","answer":"<p>The GHOST bug exploits a buffer overflow in the __nss_hostname_digits_dots() function of glibc. When a program makes a DNS request, this function is called to handle hostname resolution. Attackers can craft a malicious hostname, triggering the overflow and potentially gaining unauthorized access.<\/p>"},{"question":"What are the key features of the GHOST bug?","answer":"<p>The key features of the GHOST bug include its buffer overflow vulnerability, remote code execution potential, wide impact on Linux systems, and its threat to critical services like web servers.<\/p>"},{"question":"Are there different types of GHOST bugs?","answer":"<p>No, there is only one version of the GHOST bug characterized by the buffer overflow in the __nss_hostname_digits_dots() function.<\/p>"},{"question":"How can the GHOST bug be mitigated?","answer":"<p>Mitigating the GHOST bug requires prompt updates from OS vendors and developers. System administrators should update their systems and implement security measures promptly.<\/p>"},{"question":"How does the GHOST bug compare to other vulnerabilities like Heartbleed and Shellshock?","answer":"<p>The GHOST bug is a buffer overflow vulnerability, whereas Heartbleed is an information leak and Shellshock is a command injection. Each has different discovery years, affected software, and exploitation complexities.<\/p>"},{"question":"What does the future hold for the GHOST bug and cybersecurity?","answer":"<p>The future will bring increased focus on security practices, code audits, and vulnerability assessments to counter emerging threats. Vigilance and proactive measures will remain critical.<\/p>"},{"question":"How can proxy servers be associated with the GHOST bug?","answer":"<p>Proxy servers, like those from OneProxy, can help mitigate the impact of the GHOST bug by acting as intermediaries and filtering malicious requests. However, they should complement other security measures and regular updates.<\/p>"},{"question":"Where can I find more information about the GHOST bug?","answer":"<p>For more details about the GHOST bug, you can visit the following resources:<\/p><ol><li>Qualys Security Advisory: <a href=\"https:\/\/www.qualys.com\/2015\/01\/27\/cve-2015-0235-ghost\/\" target=\"_new\">https:\/\/www.qualys.com\/2015\/01\/27\/cve-2015-0235-ghost\/<\/a><\/li><li>National Vulnerability Database (NVD) Entry: <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-0235\" target=\"_new\">https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2015-0235<\/a><\/li><li>Linux Security Blog: <a href=\"https:\/\/www.linuxsecurity.com\/features\/features\/ghost-cve-2015-0235-the-linux-implementation-of-the-secure-hypertext-transfer-protocol-7252\" target=\"_new\">https:\/\/www.linuxsecurity.com\/features\/features\/ghost-cve-2015-0235-the-linux-implementation-of-the-secure-hypertext-transfer-protocol-7252<\/a><\/li><\/ol>"}]},"_links":{"self":[{"href":"https:\/\/oneproxy.pro\/vn\/wp-json\/wp\/v2\/wiki\/477344","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/oneproxy.pro\/vn\/wp-json\/wp\/v2\/wiki"}],"about":[{"href":"https:\/\/oneproxy.pro\/vn\/wp-json\/wp\/v2\/types\/wiki"}],"version-history":[{"count":0,"href":"https:\/\/oneproxy.pro\/vn\/wp-json\/wp\/v2\/wiki\/477344\/revisions"}],"wp:attachment":[{"href":"https:\/\/oneproxy.pro\/vn\/wp-json\/wp\/v2\/media?parent=477344"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}