Read more of this story at Slashdot.
Qualys discovered a criticalbuffer overflow in the gethostbyname() and gethostbyname2() functions in glibc. According to the announcement by Qualys, they were able to create an in-house exploit that will execute arbitrary code via the Eximmail server. [1]
glibcbefore version 2.18 (released August ) is vulnerable. You can quickly check your glibc version by using ldd --version (but not all Unix systems that use glibc have ldd installed, and some software is statically compiled with glibc)
These glibcfunctions are used on most (all?) Unix systems to resolve hostnames . Any software that at some point resolved host names is potentially vulnerable, which includes pretty much all software that uses the network in some from (clients and servers). The problem has been fixed in some versions of glibc, but it was originally not recognized as a security vulnerability, and as a result not backported in older, still widely used and supported versions of glibc.
What should you do: Apply this update as soon as you see patched offered by your Linux/Unix distribution. Some Windows software (and of course OS X) uses glibcas well and may be vulnerable.
[1]http://openwall.com/lists/oss-security/2015/01/27/9
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.Qualys discovered a criticalbuffer overflow in the gethostbyname() and gethostbyname2() functions in glibc. According to the announcement by Qualys, they were able to create an in-house exploit that will execute arbitrary code via the Eximmail server. [1]
glibcbefore version 2.18 (released August ) is vulnerable. You can quickly check your glibc version by using ldd --version (but not all Unix systems that use glibc have ldd installed, and some software is statically compiled with glibc)
These glibcfunctions are used on most (all?) Unix systems to resolve hostnames . Any software that at some point resolved host names is potentially vulnerable, which includes pretty much all software that uses the network in some from (clients and servers). The problem has been fixed in some versions of glibc, but it was originally not recognized as a security vulnerability, and as a result not backported in older, still widely used and supported versions of glibc.
What should you do: Apply this update as soon as you see patched offered by your Linux/Unix distribution. Some Windows software (and of course OS X) uses glibcas well and may be vulnerable.
[1]http://openwall.com/lists/oss-security/2015/01/27/9
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.Read more of this story at Slashdot.