The Broadband Guide
search advanced
 forgot password?

Linux hit by GHOST critical security bug

2015-01-28 09:52 by
Tags: , , ,


Researchers at security company Qualys have found a major security hole that affects the Linux GNU C Library (glibc). Dubbed "GHOST" (CVE-2015-0235), the bug is considered critical because it allows attackers to remotely take control of Linux-based systems.

The problem is caused by a heap-based buffer overflow found in the nss_hostname_digits_dots() function in glibc. That function is used by the gethostbyname function calls. The name of the flaw - GHOST - is short for "get host by name".

"A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application," said an advisory from Linux distributor Red Hat.

Currently, there is no evidence that hackers have actually exploited the Ghost vulnerability. However, Qualys researchers successfully sent a specially crafted email to an Exim mail server running the vulnerable version of glibc and achieved a remote shell, giving them full control.

"If [researchers] were able to remotely exploit a pretty modern version of Exim with full exploit mitigations, that's pretty severe," said Jon Oberheide, a Linux security expert and the CTO of two-factor authentication service Duo Security.

Red Hat, Debian, Ubuntu and Novell have issued fixes.

Read more -here-

More technical info about GHOST can be found -here- and -here-


  Post your review/comments
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About