Fwd: Linux "Ghost" Remote Code Execution Vulnerability

0 views
Skip to first unread message

Gerald309

unread,
Jan 28, 2015, 1:38:42 PM1/28/15
to Linux...@yahoogroups.com, linux...@googlegroups.com
Fwd: Linux "Ghost" Remote Code Execution Vulnerability


-------- Forwarded Message --------
Subject: Linux "Ghost" Remote Code Execution Vulnerability
Date: Tue, 27 Jan 2015 16:11:09 -0600
From: US-CERT <US-...@ncas.us-cert.gov>
Reply-To: US-...@ncas.us-cert.gov
To: gera...@gmail.com


NCCIC / US-CERT

National Cyber Awareness System:

01/27/2015 04:39 PM EST

Original release date: January 27, 2015

The Linux GNU C Library (glibc) versions prior to 2.18 are vulnerable to remote code execution via a vulnerability in the gethostbyname function. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Linux distributions employing glibc-2.18 and later are not affected.

US-CERT recommends users and administrators refer to their respective Linux or Unix-based OS vendor(s) for an appropriate patch if affected. Patches are available from Ubuntu and Red Hat. The GNU C Library versions 2.18 and later are also available for experienced users and administrators to implement.

This product is provided subject to this Notification and this Privacy & Use policy.

OTHER RESOURCES:
Contact Us | Security Publications | Alerts and Tips | Related Resources
STAY CONNECTED:
Sign up for email updates
This email was sent to gera...@gmail.com using GovDelivery, on behalf of: United States Computer Emergency Readiness Team (US-CERT) · 245 Murray Lane SW Bldg 410 · Washington, DC 20598 · (703) 235-5110 Powered by GovDelivery


Reply all
Reply to author
Forward
0 new messages