



Since from November 2000, Linux system that were designed with glibc-2.2 was vulnerable to this bug. This means almost more than half of the network server system are vulnerable to GHOST.





Linux System Vulnerable to GHOST





Exploit GHOST Bug?

To exploit the GHOST bug attacker just have to exploit glibc's gethostbyname functions . This function is used on almost all networked Linux computers when the computer is called on to access another networked computer either by using the /etc/hosts files or, more commonly, by resolving an Internet domain name with Domain Name System (DNS).









Wolfgang Kandek, said in a Qualys's CTOsaid in a statement that - "GHOST poses a remote code execution risk that makes it easy for the attacker to exploit and hijack victim machine. Attacker just have to send a simple email on a Linux-based system and to get complete access to that machine,"





Currently Qualys's team have not released all the technical details or the exploit of the vulnerability, but they mention that in future company will release exploit if the risk of the threats get low .





We recommend all Linux users to update their system and also advised to all the server admin to patch it as soon as possible. You can also check the advisory notes by Qualys team for more information





Advisory Video for GHOST Bug

Last year Security researcher have found a critical bug on Linux dubbed as, which leaves whole internet under threats. After the couples of the months also there tonnes of Linux system that are vulnerable to Shell Shock a.k.a Bash Bug.Once again researcher from cloud security companyhave found another criticalThis vulnerability allows any hacker to take full control over the vulnerable system remotely without knowing any system IDs or passwords.Qualys team had reported the issue to all the major distributor and most of them have released the patch for the vulnerability. One of the major Linux distributor Red Hat have already issues the patch for the bug and users can update it to fix GHOST. Currently Red Hat had released the patch for the 5, 6, and 7 via the Red Hat Network.An attacker needs to do is trigger a buffer overflow by using an invalid hostname argument to an application that performs a DNS resolution. This vulnerability then enables a remote attacker to execute arbitrary code with the permissions of the user running DNS.