Summary
Researchers at cloud security company Qualys have discovered a major security hole, GHOST, in the Linux GNU C Library (glibc). This vulnerability enables hackers to remotely take control of systems without even knowing any system IDs or passwords.
Vulnerability Severity
High
The Geeky details of how GHOST works
The security hole can be triggered by exploiting glibc’s gethostbyname functions. This function is used on almost all networked Linux computers when the computer is called on to access another networked computer either by using the /etc/hosts files or, more commonly, by resolving an Internet domain name with Domain Name System.
If you’d like more details about this vulnerability read the full story here.
Solution
No action is required by Host Geek customers. Our engineers are currently applying a patch to mitigate the risk and we will continue to monitor the situation for any further updates.
If you have any questions regarding GHOST please email support@hostgeek.com.au.