GHOST Vulnerability is in Australia

Posted in Internet Security, Website Hosting by Abilash on February 11, 2015

Which GHOST are we talking about?

GHOST is a security vulnerability named after the glibc function in which it was found, gethostbyname(). Qualys identified the vulnerability and published an advisory for it as CVE-2015-0235. It is a buffer overflow in the __nss_hostname_digits_dots() function, which is reached through gethostbyname() calls, and it allows arbitrary code execution by unauthenticated users. The vulnerability was first introduced in November 2000 and has been fixed in the source code since May 2013. However, most stable and long-term-support Linux distributions were left exposed until the major distributors released a patch for it on January 27, 2015.

GHOST is in Australia!

It is the first serious open source bug disclosed this year, following last year’s Heartbleed bug in OpenSSL, the Shellshock bug in Bash and the POODLE bug (Padding Oracle On Downgraded Legacy Encryption) related to the SSL v3 fallback issue. This is not just an Australian problem: the vulnerability is global, and a major chunk of Linux distributions, those shipping glibc versions 2.2 through 2.17, are vulnerable. Versions 2.18 through 2.20, and 2.1.3 or under, are not vulnerable. Since we are an Australian-owned company with local licensees you can actually meet and talk to, contact Concise Digital for any further information.

Is it GHOST or does my heart bleed?

GHOST is not as scary as Heartbleed, even though it allows remote execution of malicious code. Its impact has already been mitigated by several factors, including the fact that gethostbyname() is obsolete in most distributions and has been replaced with getaddrinfo(), which also supports IPv6. Exploiting GHOST is also not as easy as exploiting Heartbleed, since several conditions have to line up for an attack to succeed.

Why write about it if it is not very serious?

According to statistics from the ABS, 47.2% of Australian businesses have a web presence, and 53% of consumers have placed orders via the internet. This means the number of Australian web hosting and e-commerce website development companies has grown. If you are a business owner, you should be concerned about who is hosting your website and how it is being looked after before jumping into online sales: the market may be worth billions of dollars, but a single GHOST can take you out of business for good by costing you your customers’ trust. Most managed web hosting providers can protect your customers’ data on their servers by making sure all patches are applied as soon as a vulnerability is disclosed.

Advice for my own servers please?

If you maintain your own servers, you need to make sure you apply the security patches. Most distributions have already pushed a stable, non-vulnerable version of glibc, and you can update your servers through your favourite package manager or build it from source. A list of vulnerable distributions has been published here. Administrators should roll these patches out as soon as possible!
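As an added example (not part of the original post), the script below reads the installed glibc version from `ldd --version` and classifies it against the range the post gives (2.2 through 2.17 affected; 2.18 and later, and 2.1.x, not). The version check is only a first pass, because distributions backport the fix without changing the upstream version string; the follow-up changelog command is an assumption about RPM-based systems.

```bash
#!/bin/sh
# Added example: first-pass GHOST (CVE-2015-0235) exposure check.
# Returns 0 if the upstream glibc version is in the range 2.2..2.17 named
# by the advisory, 1 if it is outside that range, 2 if it cannot be parsed.
glibc_version_in_ghost_range() {
    ver="$1"
    # -s makes cut print nothing when the delimiter is absent ("2" -> minor "")
    major=$(printf '%s' "$ver" | cut -s -d. -f1)
    minor=$(printf '%s' "$ver" | cut -s -d. -f2)
    case "$major" in ''|*[!0-9]*) return 2 ;; esac
    case "$minor" in ''|*[!0-9]*) return 2 ;; esac
    # 2.1.3 and below fall out because minor 1 < 2; 2.18+ because minor > 17
    [ "$major" -eq 2 ] && [ "$minor" -ge 2 ] && [ "$minor" -le 17 ]
}

# First line of `ldd --version` ends with the glibc version on GNU systems,
# e.g. "ldd (GNU libc) 2.17"; prints nothing on non-GNU libcs.
installed_glibc_version() {
    ldd --version 2>/dev/null | sed -n '1s/.* \([0-9][0-9.]*\)$/\1/p'
}

if v=$(installed_glibc_version) && [ -n "$v" ]; then
    if glibc_version_in_ghost_range "$v"; then
        echo "glibc $v is in the advisory's vulnerable range."
        echo "Check whether your distribution backported the fix, e.g. on RPM systems:"
        echo "  rpm -q --changelog glibc | grep CVE-2015-0235   (assumed command)"
    else
        echo "glibc $v is outside the vulnerable range (2.2 through 2.17)."
    fi
else
    echo "Could not determine the glibc version (ldd missing or non-GNU libc)."
fi
```

After updating glibc, restart long-running services (or reboot): a process that still has the old library mapped is not fixed by the package update alone.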
