CERT mailing list archives
Linux "Ghost" Remote Code Execution Vulnerability
From: "US-CERT" <US-CERT () ncas us-cert gov>
Date: Tue, 27 Jan 2015 16:10:54 -0600
NCCIC / US-CERT National Cyber Awareness System: Linux "Ghost" Remote Code Execution Vulnerability [ https://www.us-cert.gov/ncas/current-activity/2015/01/27/Linux-Ghost-Remote-Code-Execution-Vulnerability ] 01/27/2015 04:39 PM EST Original release date: January 27, 2015 The Linux GNU C Library (glibc) versions prior to 2.18 are vulnerable to remote code execution via a vulnerability in the gethostbyname function. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Linux distributions employing glibc-2.18 and later are not affected. US-CERT recommends users and administrators refer to their respective Linux or Unix-based OS vendor(s) for an appropriate patch if affected. Patches are available from Ubuntu [ http://www.ubuntu.com/usn/usn-2485-1/ ] and Red Hat [ https://access.redhat.com/security/cve/CVE-2015-0235 ]. The GNU C Library versions 2.18 and later [ http://www.gnu.org/software/libc/ ]are also available for experienced users and administrators to implement. ________________________________________________________________________ This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy & Use [ http://www.us-cert.gov/privacy/ ] policy. ________________________________________________________________________ OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ http://www.us-cert.gov/related-resources ] STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]
Current thread:
- Linux "Ghost" Remote Code Execution Vulnerability US-CERT (Jan 27)
- <Possible follow-ups>
- Linux "Ghost" Remote Code Execution Vulnerability US-CERT (Jan 28)