GHOST Buffer Overflow Vulnerability

A critical vulnerability that impacts a majority of Linux servers has been identified.  This vulnerability, named "GHOST", affects the GNU C library (glibc) that is used by Linux applications to interface with the Linux operating system via a series of function calls. The “buffer overflow” vulnerability in a pair of glibc’s functions can allow a remote attacker to exploit this flaw to execute arbitrary code on the system.  

Details of the discovery in this posting on Openwall and, Red Hat provides a detailed description of the vulnerability and updates to resolve the issue.

Continue reading →