GHOST Vulnerability Hit Linux
On January 27, 2015, a high-severity vulnerability known as GHOST (CVE-2015-0235) hit Linux systems; it allows an attacker to remotely take control of the system.
What is GHOST Vulnerability?
GHOST is a vulnerability that can be triggered through the gethostbyname function (part of glibc), making it incredibly easy for an attacker to exploit the system using remote code execution. For example, an attacker can send a specially crafted email to a Linux-based mail server and automatically get complete access to that server!
Why is it called the GHOST Vulnerability?
It is called the GHOST vulnerability because it can be triggered by the GetHOST functions in glibc.
What is glibc?
Known as the GNU C Library, glibc is an implementation of the standard C library and a core part of the Linux OS.
Who is affected?
Any Linux system that uses glibc, starting with glibc-2.2, which was released on November 10, 2000.
This includes all supported Linux systems, such as Debian 7 (wheezy), Red Hat Enterprise Linux 6 & 7, CentOS 6 & 7 and Ubuntu 12.04.
What to do?
All Linux distribution vendors released patches for glibc on the day of the announcement, January 27, 2015.
So every system administrator managing a Linux server is advised to update their servers.
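Updating the package only protects processes started afterwards; a daemon that was already running keeps the old library mapped until it is restarted. The following check is an added example, not part of the original article: it reads /proc/<pid>/maps and reports processes that still map a libc file that has been replaced on disk. It assumes the package manager unlinks the old file so the mapping is marked "(deleted)"; the sample maps text and the daemon name "maild" are constructed.

```python
import os
import re

# Matches the C library itself: libc-2.17.so (older layouts) or libc.so.6.
LIBC_RE = re.compile(r"/libc(-[0-9.]+)?\.so(\.6)?$")

# Constructed sample of /proc/<pid>/maps content, not taken from a real host.
SAMPLE_MAPS = """\
00400000-004b2000 r-xp 00000000 fd:00 1311 /usr/sbin/maild
7f3a10000000-7f3a101b6000 r-xp 00000000 fd:00 2752 /usr/lib64/libc-2.17.so (deleted)
7f3a101b6000-7f3a103b6000 ---p 001b6000 fd:00 2752 /usr/lib64/libc-2.17.so (deleted)
7f3a10400000-7f3a10416000 r-xp 00000000 fd:00 2761 /usr/lib64/libresolv-2.17.so
7ffc5d1e0000-7ffc5d201000 rw-p 00000000 00:00 0 [stack]
"""

def stale_libc_mappings(maps_text):
    """Return libc paths a process maps from a file no longer on disk."""
    stale = set()
    for line in maps_text.splitlines():
        fields = line.split(None, 5)   # addr perms offset dev inode pathname
        if len(fields) < 6:
            continue                   # anonymous mapping, no pathname
        path = fields[5].strip()
        if path.endswith(" (deleted)"):
            path = path[: -len(" (deleted)")]
            if LIBC_RE.search(path):
                stale.add(path)
    return sorted(stale)

def scan_proc(proc_root="/proc"):
    """Map pid -> (command name, stale libc paths) for readable processes."""
    findings = {}
    for entry in os.listdir(proc_root):
        if not entry.isdigit():
            continue
        try:
            with open(os.path.join(proc_root, entry, "maps")) as fh:
                stale = stale_libc_mappings(fh.read())
            with open(os.path.join(proc_root, entry, "comm")) as fh:
                comm = fh.read().strip()
        except OSError:
            continue                   # process exited or permission denied
        if stale:
            findings[int(entry)] = (comm, stale)
    return findings

if __name__ == "__main__":
    for pid, (comm, paths) in sorted(scan_proc().items()):
        print(f"{pid}\t{comm}\tstill maps old {', '.join(paths)}; restart it")
```

Run it as root after the update so that every process's maps file is readable; an empty result means no running process still uses the replaced library.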
Who discovered it?
Qualys security researchers discovered this bug and worked closely with Linux distribution vendors to prepare the patches, then announced the vulnerability.