ITS Security would like to alert the campus community of a recently announced Critical vulnerability that affects a number of Linux operating systems. Dubbed the “GHOST” vulnerability, a flaw in the glibc library present in many Linux operating systems could allow a remote attacker to compromise an affected system through a buffer overflow against the gethostbyname() function. Individuals responsible for Linux workstations or servers are strongly recommended to patch and reboot to protect against this vulnerability as soon as possible. Please refer to your distribution’s support pages for further information and impacted releases, or departments may contact their area’s LSP.
https://access.redhat.com/articles/1332213
http://www.ubuntu.com/usn/usn-2485-1/
https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability
Thank you,
Ellen