Critical GHOST vulnerability affects most Linux Systems


Qualys has provided an explanation of the CVE-2015-0235 GHOST: glibc buffer overflow vulnerability. This vulnerability uses the gehostbyname*() function in the GNU C Library (glibc) function to carry out a heap based buffer overflow attack. glibc is a low-level Linux API used by most libraries. The attacker can use buffer overflow to progressively write the malicious code to be executed into the working memory used by the application (such as the EXIM Mail Server used by Qualys as an example this time). Depending on differences in the attacked application, a well-written malicious program may be able to bypass system protections (e.g. ASLR, PIE and NX) and run the malicious code to launch a remote code execution attack. Security updates are now available from Linux vendors. 

Related information