Linux users are on a high risk due to a security flaw in a core library component that is used by almost all Linux distributions. This critical vulnerability allows remote attackers to execute arbitrary code due to a buffer overflow in the glibc (GNU C) library. Shell access to the machine can be taken by sending a malformed message to an email application. Security researchers from Qualys identified the issue and claim that this issue has been there for the last 14 years. glibc 2.17 and 2.18 eradicated this issue. But still several Linux distributions has not implemented yet. Affected OS are Debian 7 (wheezy), Red Hat Enterprise Linux 6 and 7, CentOS 6 and 7; and Ubuntu 12.04. <more>
Friday, February 6, 2015
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment