iTnews
  • Home
  • News
  • Technology
  • Security

Linux distros quickly patch critical 'Ghost' vulnerability

By Allie Coyne on Jan 28, 2015 12:31PM
Linux distros quickly patch critical 'Ghost' vulnerability

Big bad buffer overflow discovered.

Major distributors of the Linux operating system today released patches for a newly-discovered vulnerability that could allow hackers to gain remote control of user systems.

The previously undisclosed vulnerability, dubbed "Ghost", was rated critical as it can be exploited to give attackers remote control over systems without requiring system IDs or passwords.

The buffer overflow flaw - which resides in the Linux GNU C Library (glibc) - was discovered by cloud security firm Qualys, which alerted the major Linux distributors soon after the discovery in order for patches to be released.

The vulnerability has been named 'Ghost' because it is triggered by glibc's gethostbyname functions.

An attacker can exploit the gethostbyname() and gethostbyname2() functions by triggering a buffer overflow flaw in both.The Ghost vulnerability allows attackers to remotely execute any code on servers, with the privileges of the logged in user.

"Ghost poses a remote code execution risk that makes it incredibly easy for an attacker to exploit a machine. For example, an attacker could send a simple email on a Linux-based system and automatically get complete access to that machine," Wolfgang Kandek, Qualys's CTO, said in a statement.

"Given the sheer number of systems based on glibc, we believe this is a high severity vulnerability and should be addressed immediately. The best course of action to mitigate the risk is to apply a patch from your Linux vendor."

Qualys said it had written proof-of-concept code to carry out the code execution attack, and successfully bypassed all existing exploit protections on both 32-bit and 64-bit systems.

Qualys director of engineering Amol Sarwate said he was not aware of any cases in which the Ghost vulnerability had been exploited in the wild, but said motivated hackers would be able to figure out how now that the bug has been disclosed.

"We were able to do it. We think somebody with good security knowledge would also be able to do it," he said.

Top Linux provider Red Hat recommended customers update their systems "as soon as possible to mitigate any potential risk".

Other Linux systems vulnerable to attack include Debian 7 (Wheezy), RHEL 5, 6, and 7, CentOS 6 and 7 and Ubuntu 12.04, according to Qualys.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
ghostlinuxsecurityvulnerability

Partner Content

Accenture and Google Cloud team up to create a loveable, Australian-first, renewable energy product
Promoted Content Accenture and Google Cloud team up to create a loveable, Australian-first, renewable energy product
Security "mindset shift" needed to protect organisations
Promoted Content Security "mindset shift" needed to protect organisations
How to turn digital complexity into competitive advantage
Promoted Content How to turn digital complexity into competitive advantage
Why Genworth Australia embraced low-code software development
Promoted Content Why Genworth Australia embraced low-code software development

Sponsored Whitepapers

Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership

Events

  • CRN Channel Meets: CyberSecurity Live Event
  • IoT Insights: Secure By Design for manufacturing
  • Cyber Security for Government Summit
By Allie Coyne
Jan 28 2015
12:31PM
0 Comments

Related Articles

  • Cisco security appliances have critical vulnerabilities
  • Microsoft patched Azure bugs without notifying users, Tenable claims
  • IBM workflow analysis software beset by bugs
  • Apple defeats class action over Meltdown, Spectre vulns
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Qantas calls time on IBM, Fujitsu in tech modernisation

Qantas calls time on IBM, Fujitsu in tech modernisation
Service NSW hits digital services goal two years early

Service NSW hits digital services goal two years early
SA Police ignores Adelaide council plea for facial recognition ban on CCTV

SA Police ignores Adelaide council plea for facial recognition ban on CCTV
NBN Co says TPG tie-up could help Telstra sidestep spectrum limits

NBN Co says TPG tie-up could help Telstra sidestep spectrum limits

Digital Nation

IBM global chief data officer on the rise of the number crunchers
IBM global chief data officer on the rise of the number crunchers
Crypto experts optimistic about future of Bitcoin: Block
Crypto experts optimistic about future of Bitcoin: Block
The security threat of quantum computing
The security threat of quantum computing
COVER STORY: Operationalising net zero through the power of IoT
COVER STORY: Operationalising net zero through the power of IoT
Integrity, ethics and board decisions in the digital age
Integrity, ethics and board decisions in the digital age
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.