GHOST, a critical Linux security Bug reveals
GHOST, a critical Linux security , The GHOST Vulnerability, The GHOST vulnerability is a serious weakness in the Linux glibc library., What is glibc?, Linux security issue, hacking system, exploiting GHOST bug, GHOST Bug puts millions of system under threats, security bug on Linux system
Once again researcher from cloud security company Qualys have found another critical security bug on Linux GNU C Library (glibc) dubbed as GHOST (CVE-2015-0235). This vulnerability allows any hacker to take full control over the vulnerable system remotely without knowing any system IDs or passwords.
Qualys team had reported the issue to all the major distributor and most of them have released the patch for the vulnerability. One of the major Linux distributor Red Hat have already issues the patch for the bug and users can update it to fix GHOST. Currently Red Hat had released the patch for the 5, 6, and 7 via the Red Hat Network.
Since from November 2000, Linux system that were designed with glibc-2.2 was vulnerable to this bug. This means almost more than half of the network server system are vulnerable to GHOST.
Linux System Vulnerable to GHOST
Linux systems that are liable to attack include Debian 7 (Wheezy), RHEL 5, 6, and 7, CentOS 6 and 7 and Ubuntu 12.04. Besides Red Hat's fix, Debian is currently repairing its core distributions, Ubuntu has patched the bug both for 12.04 and the older 10.04, and patch for the CentOS is on the way.
Exploit GHOST Bug?
To exploit the GHOST bug attacker just have to exploit glibc's gethostbyname functions. This function is used on almost all networked Linux computers when the computer is called on to access another networked computer either by using the /etc/hosts files or, more commonly, by resolving an Internet domain name with Domain Name System (DNS).
Qualys's CTO Wolfgang Kandek, said in a statement that - "GHOST poses a remote code execution risk that makes it easy for the attacker to exploit and hijack victim machine. Attacker just have to send a simple email on a Linux-based system and to get complete access to that machine,"
Currently Qualys's team have not released all the technical details or the exploit of the vulnerability, but they mention that in future company will release exploit if the risk of the threats get low .
We recommend all Linux users to update their system and also advised to all the server admin to patch it as soon as possible. You can also check the advisory notes by Qualys team for more information
Advisory Video for GHOST Bug