A highly critical vulnerability has been disclosed in the GNU C Library (glibc), a widely used component of all Linux distributions, that could allow attackers to execute malicious code on servers and remotely gain control of Linux machines.
The vulnerability, dubbed “GHOST” and assigned CVE-2015-0235, was discovered and disclosed by the security researchers from Redwood Shores, California-based security firm Qualys on Tuesday.
Ghost vulnerability is considered to be critical because hackers could exploit it to silently gain complete control of a targeted Linux system without having any prior knowledge its passwords.
The flaw represents an immense Internet threat, in some ways similar to the Heartbleed, Shellshock and Poodle bugs that came to light last year.
We have found that this vulnerability affects a little portion of our customers. Our Technical team is currently in the process of upgrading all affected servers of customers to a non-vulnerable version of glibc.
Once the patch is applied, a server reboot may be required. We will do the best we can so our customers won’t even get affected during the Reboot. Server Sucurity is our top priority, we will do all the upgrades as soon as possible.
For more information visit these links: