Critical glibc Vulnerability Patched on all SiteGround Servers
Hours ago a critical vulnerability in the GNU C Library (glibc) was announced alongside a proof of concept for the attack. This library is one of the main components in the majority of Linux distributions (if not all) including those, used for server OS’es. Without getting into too much technicalities, the exploit allows an attacker to remotely execute code by following a simple link. That’s one of the most severe vulnerabilities discovered in the recent years and potentially affects pretty much any Linux server out there.
Given that all SiteGround servers run on CentOS – a Linux distribution, we took immediate measures to secure our machines. I am happy to announce that a patch has been applied on all our servers and our customers are well protected against this security threat!
Comments ( 12 )
Thanks! Your comment will be held for moderation and will be shortly published, if it is related to this blog article. Comments for support inquiries or issues will not be published, if you have such please report it through
Tom
At SiteGround, how was this handled and how did it affect customers? At my host, without warning, they took server down for maintenance so my site was down for almost 1 hour. I did not have time to warn site visitors nor did I even know the cause until I rushed home, got on tech support and they told me about this issue.
Iskra Rasheva Siteground Team
Sorry for your bad experience Tom. At SiteGround we updated the glibc library and reset the services using it with zero downtime for our customers.
Fran
Hi there, unfortunately my site is still down! Not working at all! Thanks
Iskra Rasheva Siteground Team
Fran, your site is now up and running! The connection loss was due to a DDoS attack as we informed in your User Area. This is not related to the fixed glibc vulnerability.
Fran
It's working now! thank you so much!!!!!
Don Green
My site dreamgreen.org is still down after at least 4 hours. Any news?
Iskra Rasheva Siteground Team
Don, please log in to your User Area and read the important information we have posted. Your site has significantly exceeded the server resource limits, which has caused the service interruption. Please get in contact with our Support team to assist you further. Note that your case is not related to the glibc vulnerability fix.
Don Green
Seems like a denial of service attack.
Iskra Rasheva Siteground Team
Our support specialists will be able to give you more info Don. Please post a ticket and they will look after you.
Mark
Hello, if possible I'd like to know how SiteGround deal with security vulnerability of Php versions, that have reached the End of Life, like versions 5.3 or 5.4 Thanks
Daniel Kanchev Siteground Team
Hi, Mark. I already replied to your comment here.
Mark
Perfect, thank you.
Start discussion
Thanks! Your comment will be held for moderation and will be shortly published, if it is related to this blog article. Comments for support inquiries or issues will not be published, if you have such please report it through