SWAMP Security Notification: GHOST Vulnerability Patch

Posted on by Leave a comment

Dear SWAMP Users,

GHOSTAs you may be already aware, a major vulnerability called Ghost was released on January 27th, 2015 that affects most Linux systems.

The SWAMP infrastructure team has already patched all systems in the SWAMP to mitigate this vulnerability. If you have any questions or comments, please don’t hesitate to contact the security team directly at security@continuousassurance.org.

The vulnerability, called GHOST and identified by CVE-2015-0235 affects software that uses the gethostbyname system call under versions of GNU glibc between 2.2 and 2.17. This vulnerability would allow an attacker to locally or remotely execute code without any system credentials.

More information about this vulnerability CVE-2015-0235 is available at: http://www.openwall.com/lists/oss-security/2015/01/27/9.

Thank you for your time,

SWAMP Security Team

Comments

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.