Nov 10, 2018

How to Detect and Patch the GHOST Vulnerability

As you may have already heard, a high severity vulnerability affecting Linux GNU C Library (glibc) was announced this morning. The vulnerability known as GHOST (CVE-2015-0235) affects many systems built on Linux starting with glibc-2.2 as well as Debian 7 (wheezy), Red Hat Enterprise Linux 6 & 7, CentOS 6 & 7 and Ubuntu 12.04, and allows attackers to remotely take control of an entire system without having any prior knowledge of system credentials. 

We recommend taking immediate action by scanning your Linux systems with a free trial of Qualys Vulnerability Management (VM). With your trial, you'll get reports detailing enterprise-wide exposure and gain visibility into the impact within your organization to efficiently track the remediation progress of this serious vulnerability. If you think you may be affected, patches are available from all of the Linux vendors starting today. 

For more information on GHOST, follow the conversation on our Laws of Vulnerabilities blog.

Persistent Perimeter Patrol for GHOST. Learn more about Qualys Continuous Monitoring (CM) – a new approach to proactively protecting your global perimeter from threats such as GHOST. CM provides you with an always-on view of potential security holes. Find out how to get alerts to threats and changes of your network perimeter with a free trial: Qualys Continuous Monitoring