ECF Posted January 29, 2015 Share Posted January 29, 2015 Thought I would pass this on as I received an email about it today. Vulnerability to CVE-2015-2035/GHOST is currently being investigated across all McAfee products. Impact: The GHOST vulnerability is a serious weakness in the Linux glibc library. It allows attackers to remotely take complete control of the victim system without having any prior knowledge of system credentials. This buffer overflow vulnerability can be triggered both locally and remotely. CVE-2015-0235 has been assigned to this issue. The GNU C Library or glibc is an implementation of the standard C library and is a core part of the Linux operating system. Linux distribution vendors have released patches for all distribution as of January 27, 2015. RECOMMENDATION McAfee recommends that all customers verify that they have applied the latest updates. Impacted users should install the relevant patches or hotfixes. For full instructions and information, see McAfee KnowledgeBase article SB10100, McAfee SEcurity Bulletin - GHOST Vulnerability https://kc.mcafee.com/corporate/index?page=content&id=SB10100 Link to comment Share on other sites More sharing options...
Raizio Posted January 29, 2015 Share Posted January 29, 2015 Pretty much every major distributions already have the updates out. yum update! Or whatever your distro uses. Link to comment Share on other sites More sharing options...
Dennis Posted January 30, 2015 Share Posted January 30, 2015 Oh, so that was why there were glib6 updates on all of our servers a couple of days ago when I did apt-get upgrade... Didn't know of this exploit, but I'm glad that we already have updated everything... Not home before tonight, and I would hate to have anything happen to our machines in the meanwhile! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.