Date: 2015-01-27

BOSTON Jan 27 Red Hat Inc and other
makers of the widely used Linux operating system for business
computers updated their software on Tuesday to thwart a serious
new cyber threat they warned could allow hackers to gain remote
control of their systems.
The previously undisclosed vulnerability, dubbed "Ghost," is
deemed critical because attackers could exploit it to covertly
gain complete control of a targeted Linux system, according to
cyber security firm Qualys, which uncovered the bug.
To highlight the severity of the risk, researchers
identified a way to craft malicious emails that could
automatically compromise a vulnerable server without the email
even being opened, said Amol Sarwate, director of engineering
with Qualys.
The firm has not released that code and has yet to develop
other methods for attacking other types of Linux systems,
including servers that run websites.
Sarwate knows of no cases in which hackers exploited the
Ghost vulnerability to date, but suspects that motivated hackers
could figure out how now that the bug has been disclosed.
"We were able to do it. We think somebody with good security
knowledge would also be able to do it," he said.
The vulnerability is caused by a security flaw in the
open-source Linux GNU C Library, which is used by Red Hat and
other Linux software makers, according to Qualys.
It is called GHOST because it can be triggered by what are
known as gethostbyname functions.
Qualys uncovered the bug following discoveries last year of
high-profile vulnerabilities, including Heartbleed and
Shellshock, which were caused by security flaws in other kinds
of widely used open-source software.
"It won't be as widespread as those flaws, but it is
widespread enough that IT operations at many companies are
scrambling to patch," said Chris Wysopal, chief technology
officer of security software firm Veracode.
Red Hat, the No. 1 provider of Linux software to businesses,
recommends that customers update their systems "as soon as
possible to mitigate any potential risk," said company
spokeswoman Stephanie Wonderlick.
Other vulnerable software includes some of the Debian,
CentOS and Ubuntu versions of Linux, according to Qualys.
