PHP and WordPress Vulnerability in glibc

A vulnerability was found in the Gnu C Library called “glibc” which can allow attackers to gain control of Linux servers.

This “buffer overflow” attack vector affects all Linux systems, servers and sites that use glibc.

The vulnerability affects glibc up to version 2.17 and was patched in version 2.18. So far this vulnerability doesn’t seem to be currently exploited in the wild.

If you run a Linux server it is suggested you upgrade to glibc 2.18.

References:

http://blog.spiderlabs.com/2015/01/ghost-gethostbyname-heap-overflow-in-glibc-cve-2015-0235.html

http://threatpost.com/php-applications-wordpress-subject-to-ghost-glibc-vulnerability/110755

https://access.redhat.com/articles/1332213

http://www.openwall.com/lists/oss-security/2015/01/27/9