We wanted to alert you about a major security risk for anyone running CentOS5/RHEL5 systems. The underlying bug in glibc can be used to gain root access given a local account, and an exploit for the vulnerability has been publicly released.
To see if your operating system is CentOS 5, please check the following in root SSH:
If it is CentOS5, the output will show "CentOS release 5.x" where x is an OS revision number.
To update, please execute the following:
yum update glibc*
There is no need to reboot the system or restart any system daemons.
We can perform this upgrade for you for a fee of $35. You would simply need to contact firstname.lastname@example.org
with the last 4 digits of your card on file and your account username or primary domain name.
Those who are on monitored hosting, please note we can provide this update for you at no cost.
Please note that CentOS/RHEL systems prior to version 5 are not vulnerable to this issue. You can read more about it at the following locations:https://rhn.redhat.com/errata/RHSA-2010-0787.htmlhttp://seclists.org/fulldisclosure/2010/Oct/257
If you have any questions, please contact email@example.com
with those questions.
Lunarpages System Administrator Team