‘GHOST’ glibc Security Vulnerability

A security vulnerability affecting the glibc library (CVE-2015-0235) has been announced.

A bug discovered in the glibc library (the GNU implementation of the C standard library) could leave web servers, systems, and applications using certain functions in the library vulnerable to cyber-attacks. The vulnerability has been labeled CVE-2015-0235. More detailed information can be found at: https://access.redhat.com/articles/1332213. A summary can be found below.

What exactly is the bug?

From the CVE article on redhat.com:

“GHOST is a ‘buffer overflow’ bug affecting the gethostbyname() and gethostbyname2() function calls in the glibc library. This vulnerability allows a remote attacker that is able to make an application call to either of these functions to execute arbitrary code with the permissions of the user running the application.”

Why is this vulnerability so dangerous?

Red Hat’s security team explains this:

“The gethostbyname() function calls are used for DNS resolving, which is a very common event. To exploit this vulnerability, an attacker must trigger a buffer overflow by supplying an invalid hostname argument to an application that performs a DNS resolution.”

How is HostMySite protecting me?

Our Support team and System Administrators are individually updating all of our systems. This patch requires that your server be restarted after it is applied. We usually perform server updates and maintenance during our daily maintenance window, 2am – 6am EST. However, due to the severity of this issue, we want to ensure that your data on our servers is protected, so some servers will be rebooted during normal hours of operation.
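
The restart matters because a process that was already running keeps the old glibc mapped in memory after the update, so it stays exposed until it is restarted. The following is an added example, not HostMySite's or Red Hat's code: it scans /proc/<pid>/maps on Linux for libc mappings the kernel marks "(deleted)", assuming the update replaced the library file on disk; the function names and sample lines are constructed for illustration.

```python
import os
import re

# Path field of a /proc/<pid>/maps line for a libc mapping whose backing file
# was replaced on disk; the kernel appends " (deleted)" to such mappings.
STALE_LIBC = re.compile(r"(/\S*/libc(?:-[\d.]+)?\.so(?:\.\d+)?) \(deleted\)$")

def stale_libc_paths(maps_text):
    """Return the set of replaced libc files still mapped in this maps text."""
    found = set()
    for line in maps_text.splitlines():
        match = STALE_LIBC.search(line.rstrip())
        if match:
            found.add(match.group(1))
    return found

def scan_proc(proc_root="/proc"):
    """Map pid -> stale libc paths for every process we are allowed to read."""
    results = {}
    for entry in os.listdir(proc_root):
        if not entry.isdigit():
            continue
        try:
            with open(os.path.join(proc_root, entry, "maps")) as fh:
                stale = stale_libc_paths(fh.read())
        except OSError:  # process exited, or we lack permission (run as root)
            continue
        if stale:
            results[int(entry)] = stale
    return results

# Constructed sample: a daemon started before the update (assumed file names).
SAMPLE_STALE = """\
7f3a1c000000-7f3a1c18a000 r-xp 00000000 fd:00 131090 /lib64/libc-2.12.so (deleted)
7f3a1c38a000-7f3a1c38e000 r--p 0018a000 fd:00 131090 /lib64/libc-2.12.so (deleted)
7f3a1d000000-7f3a1d1b0000 r-xp 00000000 fd:00 131200 /usr/lib64/libcrypto.so.10 (deleted)
"""
# Constructed sample: the same daemon after a restart.
SAMPLE_RESTARTED = """\
7f90e4000000-7f90e418a000 r-xp 00000000 fd:00 131311 /lib64/libc-2.12.so
7f90e45a0000-7f90e45c0000 r-xp 00000000 fd:00 131312 /lib64/ld-2.12.so
"""

if __name__ == "__main__":
    for pid, paths in sorted(scan_proc().items()):
        print(pid, ", ".join(sorted(paths)))
```

An empty result after patching and rebooting indicates no readable process is still running on the replaced library.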

Still have a question?

Should you have any additional questions regarding this Security Vulnerability, please do not hesitate to reach out to our Support Team.
