Critical GHOST vulnerability affects most Linux Systems

January 28, 2015 – 5:30 AM

A highly critical vulnerability has been unearthed in the GNU C Library (glibc), a widely used component of most Linux distributions, that could allow attackers to execute malicious code on servers and remotely gain control of Linux machines.

The vulnerability, dubbed “GHOST” and assigned CVE-2015-0235, was discovered and disclosed by the security researchers from Redwood Shores, California-based security firm Qualys on Tuesday.

CRITICAL AS HEARTBLEED AND SHELLSHOCK

GHOST is considered to be critical because hackers could exploit it to silently gain complete control of a targeted Linux system without having any prior knowledge of system credentials (i.e. administrative passwords).

The flaw represents an immense Internet threat, in some ways similar to the Heartbleed, Shellshock and Poodle bugs that came to light last year.

Source:
http://thehackernews.com/2015/01/ghost-linux-security-vulnerability27.html

You must be logged in to post a comment.