Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Linux system admins warned of serious security vulnerability in Glibc library

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

February 17, 2016

It's reported today that various internet security teams from Google and Red Hat have warned of a serious security issue in the Glibc library used by most GNU-Linux distributions.

That security vulnerability can easily be used to attack Linux servers through various DNS resolution parameters that could prevent the servers from working normally.

Google's online security blog announced that security hole last evening, having run into problems crashing an SSH client which were traced back to a security flaw in the Glibc library.

But rather than simply causing some instability in the operating system, the team soon discovered there was a critical buffer overflow problem which could be easily exploited to run malicious code on a server through a phony DNS query.

Although the issue was mitigated by protections elsewhere within the operating system such as address space layout randomisation (ASLR), there are still some distributions that are vulnerable, Red Hat warns.

Two Red Hat researchers have also found that they were able to develop and test a security patch for the problem which has now begun being distributed to various Linux clients.

From network routers through to smart lightbulbs, the ubiquity of Linux and IoT in embedded appliances could make entirely eradicating the flaw difficult, however.

Vendors frequently treat the Linux firmware of such devices as inviolate, rarely keeping package versions up-to-date, increasing the overall risks of those routers and appliances.

Interestingly, this isn't the first time that security flaw had been spotted. The project's bug tracker has an entry dating back to July of last year for the same problem.

For some reason, it was given a low importance as it was not believed to be security related-- a mistake which the new patch has now rectified, we are told by Red Hat.

In a nutshell, if you use Linux with the GNU packages, update Glibc at your earliest convenience, just as you should with any other operating system, Windows included.

Source: Red Hat and Google's security department.

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.


Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer