Linux systems have to be patched for latest Ghost vulnerability


Recommended Posts

Thomas the Tank Engine

 

Quote

Do you have Linux on your systems? If so, your security team should pay attention to a security warning from Google last month about another critical vulnerability in the glibc library similar to the Ghost bug found a year ago and affects all versions of glibc since 2.9.

 

It has to be patched, says Koen Van Impe, warns a security analyst at the Belgian national computer security incident response team.

 

The first vulnerability was found in the gethostbyname() function, he writes, while the so-called Ghost 2.0, is found in the getaddrinfo() function. Both functions are related to DNS lookups, and the bugs create buffer overflows.

 

And while many systems ostensibly don’t do DNS queries, Van Impe notes, it isn’t hard to force a system to do one. Therefore, he argues, all systems — both client and server — that use Linux are affected.

 

 

 

 

 

 

Read the rest: http://www.itworldcanada.com/article/linux-systems-have-to-be-patched-for-latest-ghost-vulnerability/381737

Link to post
Share on other sites
Haggis

Any decent sysadmin will have known about this, there were loads of articles published about it around 16th Feb

Link to post
Share on other sites
simonlang
3 minutes ago, Haggis said:

Any decent sysadmin will have known about this, there were loads of articles published about it around 16th Feb

wasn't this the other glibc patch which was released already? 

  • Like 1
Link to post
Share on other sites
Haggis

yup :)

  • Like 1
Link to post
Share on other sites
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.