Who is protected by Aker Firewall is not afraid of “The ghost (CVE-2015-0235) “.
Published on January 29, 2014
On January 27, 2014, Red Hat along with other Linux operating system developers recommended that all customers update their systems in order to avoid damage caused by a new bug titled Ghost.
The flaw was discovered by researchers and the security company Qualys.
Together they identified a Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allowing context-dependent attackers to execute arbitrary code (locally or remotely) through vectors related to the gethostbyname or gethostbyname2 (gethostbyname is used to resolve names into IP addresses, by a number of programs and applications) function, a.k.a “GHOST.”
In this scenario, Aker Security Solutions’ Incident Response Team quickly deployed hotfixes to protect your digital environment.
Learn more about the Ghost here. (https://www.security.unicamp.br/76-nova-vulnerabilidade-critica-em-glibc-cve-2015-0235-ghost.html)
Check out the hotfixes available for download to correct the CVE-2015-0235 vulnerability: