Cloud security and compliance company Qualys discovered a high severity vulnerability in the GNU C Library (or “glibc”) that could allow attackers to remotely execute code and gain control of Linux systems.
The CVE-2015-0235 vulnerability, or “GHOST” (so named because it is reached through the _gethostbyname function), involves an overflow of a heap-based buffer in glibc’s __nss_hostname_digits_dots function, triggered via the _gethostbyname function. This allows an attacker to add arbitrary code to the system’s memory.
This affects Linux systems that use glibc versions 2.2 to 2.17, a range that spans nearly fifteen years of Linux distributions.
“GHOST poses a remote code execution risk that makes it incredibly easy for an attacker to exploit a machine. For example, an attacker could send a simple email on a Linux-based system and automatically get complete access to that machine,” Qualys CTO Wolfgang Kandek said in a statement. “Given the sheer number of systems based on glibc, we believe this is a high severity vulnerability and should be addressed immediately. The best course of action to mitigate the risk is to apply a patch from your Linux vendor.”
While glibc version 2.18 (released May 21, 2013) patched this vulnerability, many stable and long-term-support Linux distributions are still exposed, including Debian 7, RHEL 6 and 7, CentOS 6 and 7, and Ubuntu 12.04, according to a Qualys security advisory posted Tuesday.
Fedora versions 20 and 21 include at least the glibc 2.18 packages, and are therefore safe.
Since the vulnerability was disclosed, Red Hat has released a patch for RHEL 5 as well as RHEL 6 and 7, and Debian has also released an update addressing the vulnerability. Patches from other Linux distributions are expected to follow shortly.
As Threat Post notes, “while the bug may have been dormant since 2000, there’s no way to tell if criminals or government-sponsored hackers have been exploiting this vulnerability.” And now that it’s out in the open, patching software will be vitally important to keep attackers at bay.
GHOST Vulnerability Poses Threat to Most Linux Systems