Skip to main content

Critical 15 Year-old Linux Security Hole (Ghost) Revealed

Article Reads:14373

linux-ghost-security-gnu-lib-vulnerability-1Security researchers at qualys.com yesterday released information on a critical 15 year-old Linux security hole which affects millions of Linux systems dated back to the year 2000.  The newly published security hole – code named ‘Ghost’  was revealed yesterday by Qualy’s security group on openwall.com.

The security hole was found in the __nss_hostname_digits_dots() function of the GNU C Library (glibc).

The function is used on almost all networked Linux computers when the computer tries to access another networked computer either by using the /etc/hosts files or, more commonly, by resolving a domain name with Domain Name System (DNS)

As noted by the security team, the bug is reachable both locally and remotely via the gethostbyname*() functions, making it possible remotely exploit it by triggering a buffer overflow by using an invalid hostname argument to an application that performs DNS resolution.

The security hole exists in any Linux system that was built with glibc-2.2 which was released in November 10th, 2000. Qualy mentioned that the bug was patched on May 21st, 2013 in releases glibc-2.17 and glibc-2.18.

Linux systems that are considered vulnerable to the attack include RedHat Enterprise Linux 5, 6 and 7, CentOS 6 and 7Ubuntu 12.04 and Debian 7 (Wheezy).

Debian has is already patching its core systems (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776391) while Ubuntu has already patched its 12.04 and 10.04 distributions (https://www.ubuntu.com/usn/usn-2485-1/). CentOS patches are also on their way.

Your IP address:

44.192.95.161

All-in-one protection for Microsoft 365

All-in-one protection for Microsoft 365

Free NIS2 Compliance Directive Webinar

EU Network and Information Security (NIS2) Compliance Directive

FREE Hyper-V & VMware Backup

FREE Hyper-V & VMware Backup

Wi-Fi Key Generator

Generate/Crack any
WEP, WPA, WPA2 Key!

Network and Server Monitoring

Network and Server Monitoring

Follow Firewall.cx

Cisco Password Crack

Decrypt Cisco Type-7 Passwords on the fly!

Decrypt Now!

Bandwidth Monitor

Zoho Netflow Analyzer Free Download

Free PatchManager

Free PatchManager

EventLog Analyzer

ManageEngine Eventlog Analyzer

Security Podcast

Hornet-Security-The-Swarm-Podcast

Firewall Analyzer

zoho firewall analyzer