The problem was not as big as initially believed

Jan 28, 2015 18:57 GMT  ·  By

A new interesting GNU C Library vulnerability has been found and the Ubuntu developers have been quick to fix it in Ubuntu 10.04 LTS and Ubuntu 12.04 LTS systems.

This new vulnerability is called GHOST and it has been intensely publicized, but the truth of the matter is that it's not all that dangerous and it's pretty well contained. In fact, in order to exploit it, a user needs to make some serious efforts and the rewards are not all that great.

The security report says that "It was discovered that a buffer overflow existed in the gethostbyname and gethostbyname2 functions in the GNU C Library. An attacker could use this issue to execute arbitrary code or cause an application crash, resulting in a denial of service." You can find a much more detailed description of the GHOST vulnerability in our initial report.

The problem can be fixed by upgrading the system(s) to the latest libc6 packages specific to each distribution. It's worth mentioning that newer systems like Ubuntu 14.04 LTS and Ubuntu 14.10 were not affected.

To apply the patch, run the Update Manager application. In general, a standard system update will make all the necessary changes. Users will also need to reboot the system in order to complete the procedure.