Hi community!
Vulnerability that would allow control of Linux and free software, this security flaw can be exploited by using the function gethostbyname glibc, used in almost all Linux computers that are networked, when a node is calling another using the file /etc/hosts or using DNS. All you need to do the attacker is causing a buffer overflow using an invalid name on the DNS host service. This makes the attacker can use the system through the user running the DNS server, without knowing your credentials.
What is striking about this vulnerability, on which publicly reported last days, I was just in glibc since 2000 and was not resolved until 2013, affects FreeBSD?.
Vulnerability that would allow control of Linux and free software, this security flaw can be exploited by using the function gethostbyname glibc, used in almost all Linux computers that are networked, when a node is calling another using the file /etc/hosts or using DNS. All you need to do the attacker is causing a buffer overflow using an invalid name on the DNS host service. This makes the attacker can use the system through the user running the DNS server, without knowing your credentials.
What is striking about this vulnerability, on which publicly reported last days, I was just in glibc since 2000 and was not resolved until 2013, affects FreeBSD?.
