Petronella Blog Archive

Visit our New Blog

Ghost: A Major Vulnerability in Most Linux Systems

Blog Post

Hackers are able to execute their code on Linux systems.  Linux is a very widely used system used to host websites and deliver email.  The vulnerability is in most Linux distributions and is a huge threat to the internet, on par with last year's big vulnerability, Heartbleed.

Called "Ghost", this vulnerability allows hackers to execute any code they want.  Tests by security firms were able to bypass all security measures in place to prevent exploitation.  The vulnerability lies in the GNU C Library (glibc), leaving programs written in C, C++, Python, Ruby and just about every other programming language.  Vulnerable components include Apache, Cups, Dovecot, Exim, GnuPG, MySQL, Shell servers, sendmail, form submitters and many more.

A patch for the exploit the Ghost bug was released two years ago, but many Linux systems have not been updated in that time, in part because Linux systems need to be rebooted after being patched, which requires system downtime.

An update is available here.