PDA

View Full Version : New Linux Bug Could Cause "a Lot of Collateral Damage on the Internet"



Teh One Who Knocks
01-28-2015, 12:14 PM
Jamie Condliffe - Gizmodo


http://i.imgur.com/npRB6GN.jpg

Linux users around the world are scrambling to update their operating systems, as a new flaw known as GHOST has been shown to have the potential to cause "a lot of collateral damage on the Internet."

The new bug—which gets its name from the gethostbyname functions that are used to trigger it—could allow hackers to gain remote control of users' systems. It then provides the ability to execute malicious code on servers used to deliver e-mail and host webpages.

The flaw has been identified by cyber security firm Qualys, though it has not yet released that code publicly. However, Duo Security told Ars Technica that "there could be a lot of collateral damage on the Internet if this exploit gets published publicly, which it looks like they plan to do, and if other people start to write exploits for other targets."

There are no known cases of hackers having actually exploited the Ghost vulnerability to date. But the Qualsys teams explained that: "We were able to do it. We think somebody with good security knowledge would also be able to do it."

Fortunately, a patch for the vulnerability exists, but most Linux versions used in production systems remain unprotected at the moment. Users are being urged to update their systems as soon as possible.

Goofy
01-28-2015, 12:44 PM
So all 5 linux users will need to upgrade? :shock:















:lol: #dgx

Noilly Pratt
01-28-2015, 05:05 PM
:hand: My office has been forced to "upgrade" to Linux. Damned thing is so unreliable - I run a Windows 7 emulator constantly in order to function.

We upgraded because Linux has better security and can run 1 program better than Windows... :rolleyes:

DemonGeminiX
01-28-2015, 11:37 PM
So all 5 linux users will need to upgrade? :shock:

:lol: #dgx

[-(

There's a few more than just 5.






















Something like 2 or 3. 8-[

amex
02-08-2015, 08:24 PM
So all 5 linux users will need to upgrade? :shock:
















:lol: #dgx
:rofl:
Ghost vulnerability is in Linux GNU C Library :lol: it efects all linux based systems lemme ask you on what system do you think you are running your website
<spoiler>it aint windows :nana::nana:</spoiler>
answer---> ..yes web servers are usally using some kind of linux flavour lets hope your hosting patched it on time :shock:x2


more info:
http://www.tomsguide.com/us/ghost-linux-flaw,news-20366.html



Qualys will not release the exact details of its exploit right away, but look forward to seeing pranksters such as Lizard Squad try to use GHOST to deface websites in the coming weeks.