Security researchers have recently exposed a named Ghost（GHOST）a serious security vulnerability, this vulnerability may allow an attacker remote accessoperating systemis the highest control authority, the impact of the market on a large number of Linux operating system and its release version. The vulnerability CVE number CVE-2 0 1 5-0 2 3 of 5.
What is the glibc
glibc is the GNU release of the libc library, the c run-time library. glibc is a linux system, most of the underlying api, almost any other runtime will depend on glibc it. glibc in addition to the package of the linux operating system provides system services, it also provides many other necessary functions and services. glibc encompasses almost all of the UNIX prevailing standards.
Code audit company Qualys researchers in the glibc library in the__nss_hostname_digits_dots()function found a buffer overflow vulnerability, the bug can be subjected to gethostbyname*()function is local or remote trigger.
Application main use of the gethostbyname*()function initiates a DNS request, this function will be the host name converted to ip address.
Scope of impact
The vulnerability affects glibc library version 2. 2-2. 1 7 The Linux operating system
Operating systemtypes include
CentOS 6 & 7 Debian 7 Red Hat Enterprise Linux 6 & 7 Ubuntu 10.04 & 12.04 Each Linux distribution