Jump to content

Linux Exploit


ECF

Recommended Posts

Thought I would pass this on as I received an email about it today.

 

Vulnerability to CVE-2015-2035/GHOST is currently being investigated across all McAfee products.

 

Impact:

The GHOST vulnerability is a serious weakness in the Linux glibc library. It allows attackers to remotely take complete control of the victim system without having any prior knowledge of system credentials. This buffer overflow vulnerability can be triggered both locally and remotely. CVE-2015-0235 has been assigned to this issue.

 

The GNU C Library or glibc is an implementation of the standard C library and is a core part of the Linux operating system. Linux distribution vendors have released patches for all distribution as of January 27, 2015.

 

RECOMMENDATION

McAfee recommends that all customers verify that they have applied the latest updates. Impacted users should install the relevant patches or hotfixes. For full instructions and information, see McAfee KnowledgeBase article SB10100, McAfee SEcurity Bulletin - GHOST Vulnerability https://kc.mcafee.com/corporate/index?page=content&id=SB10100

Link to comment
Share on other sites

Oh, so that was why there were glib6 updates on all of our servers a couple of days ago when I did apt-get upgrade... Didn't know of this exploit, but I'm glad that we already have updated everything... Not home before tonight, and I would hate to have anything happen to our machines in the meanwhile! :D

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Who's Online   0 Members, 0 Anonymous, 56 Guests (See full list)

    • There are no registered users currently online
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. Terms of Use