Last week, it was announced that a new GNU glibc library buffer overflow is classified as a critical. This vulnerability may allow a hacker to take control over your system. What requires additional attention is DNS systems, as they are publically exposed.
Digital Edge reports that over weekend our security team addressed the situation. All our DNS infrastructure is up to date on security patches.
The Digital Edge team is working with fully managed clients individually to secure clients’ Linux systems.
Please contact us for more information.
Digital Edge Security
Digital Edge distributes this notification as an effort to improve the IT community cybersecurity, coordinate cyber information sharing, and proactively manage cyber risks while protecting our clients.
On January 27, 2015, Qualys Security Advisory published new Linux vulnerability repot - CVE-2015-0235.
The report alerts about Linux glibc library is being vulnerable to a buffer overflow with a risk of potential remote execution and taking over the server. Linux systems that are liable to attack include:
Even though exploit of such vulnerability is not obvious, Qualys has developed a proof of a concept when a specially crafted email can produce a remote shell to a vulnerable system.
Digital Edge will assess managed systems and work with affected clients individually.
Digital Edge security team advise all IT professionals to take this vulnerability seriously and contact us for any questions, consultations or help.
Digital Edge strives to be a trusted leader in cybersecurity and managed services in complex enterprise IT environments.