The GHOST bug is a buffer overflow security vulnerability in some distributions of Linux that can potentially enable attackers to execute arbitrary code on systems.
Specifically categorized as GHOST (gethostbyname) CVE-2015-0235, the GHOST bug flaw resides in the gethostbyname() and gethostbyname2() function calls in older versions of the GNU C Library (glibc) that is packaged with a variety of Linux distributions, including versions 5, 6 and 7 of Centos / RHEL / Fedora as well as Ubuntu 12.04.
In addition to older Linux distributions being vulnerable, applications and websites running on server hosts that use these older distributions may be susceptible to the GHOST bug as well, including WordPress Web sites and various PHP applications.
Discovery of the GHOST Bug and Patches for the Vulnerability
The GHOST bug was first found and documented by security firm Qualys in early 2015. The GHOST vulnerability only affects older versions of the glibc library, as it was patched in the glibc-2.18 update, which debuted in August 2013.
However, while updated versions of glibc library have been available since 2013, it’s very common for enterprise servers to continue running older versions of Linux that are considered more stable. As a result, the GHOST bug has remained an open vulnerability for many enterprises despite patched versions of the glibc library being available.
While there isn’t much evidence at this time of the GHOST bug being maliciously targeted by attackers, security researchers do recommend updating vulnerable installations of Linux as quickly as possible to prevent potential exploitation.
- Cloud App Policy
Cloud app policy refers to policies and procedures put in place by enterprises to ensure that the usage of cloud applications by employees complies with the overall corporate security plan as well as regulatory requirements. Policies Range From Minimal to Highly Restrictive The cloud app policies put in place by companies can range from minimal […]
- GameOver Zeus
GameOver Zeus is a sophisticated evolution of the ZeuS malware that cybercriminals created to steal usernames and passwords from users on infected systems. GameOver Zeus, or GOZ, initially spread via a malicious spam and phishing campaign that sent out e-mails appearing to come from reputable organizations such as the Federal Reserve Bank, the Federal Deposit […]
- Data Loss Prevention (DLP)
Data loss prevention, or DLP, refers to technology or software developed to protect and prevent the potential for data loss or theft. Data loss protection software is designed to monitor, detect and prevent the loss of data while it’s at rest, either in on-premises storage drives or in the cloud, as well as when it’s […]
Cridex is a sophisticated strain of banking malware that can steal banking credentials and other personal information on an infected system in order to gain access to the financial records of a user. The Cridex Trojan Horse spreads by copying itself to mapped and removable drives on infected computers. Cridex creates a backdoor entry point […]
- Web Scale IT (Web SCale Infrastructure)
Web-scale IT is the phrase used to reference a global-class of computing — or architectural approach — used to deliver the capabilities of large cloud service providers within an enterprise IT setting. The approach is to design, build and manage data center infrastructure where capabilities go beyond scale in terms of size to include scale […]