glibcbefore version 2.18 (released August ) is vulnerable. You can quickly check your glibc version by using ldd --versNew Critical GLibc Vulnerability CVE-2015-0235 (aka GHOST), (Tue, Jan 27th)_HackDig : Dig high-quality web security articles for hackersHackDig" />

HackDig : Dig high-quality web security articles for hackers

«No Previous
No Next

New Critical GLibc Vulnerability CVE-2015-0235 (aka GHOST), (Tue, Jan 27th)

2015-01-27 20:30

Qualys discovered a criticalbuffer overflow in the gethostbyname() and gethostbyname2() functions in glibc. According to the announcement by Qualys, they were able to create an in-house exploit that will execute arbitrary code via the Exim">glibcbefore version 2.18 (released August ) is vulnerable. You can quickly check your glibc version by using ldd --version">These glibc">What should you do: Apply this update as soon as you see patched offered by your Linux/Unix distribution. Some Windows software (and of course OS X) uses glibcas well and may be vulnerable. Use thegetaddrinfo() function, not">[1]">You shouldn">Highly critical Ghost">GHOST glibc Remote Code Execution Vulnerability Affects All Linux Systems - Michael Mimoso, Threatpost

LinuxGhostRemoteCode">---
Johannes B. Ullrich, Ph.D.
STI|Twitter|LinkedIn

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.


Source: ssr;pma&73291=diyrots?lmth.yraid/ude.snas.csi

Read:4237 | Comments:0 | Tags: Vulnerability

“New Critical GLibc Vulnerability CVE-2015-0235 (aka GHOST), (Tue, Jan 27th)”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Tools

Tag Cloud