AppCheck Updated to Detect CVE-2015-0235 (a.k.a. GHOST)
Product / Security Alerts / Posted January 09, 2015
The “GHOST” vulnerability is a security flaw within a key component of the Linux Operating System. The affected component “gethostbyname” is found in the Linux GNU C Library that is used by all Linux programs. If an attacker can pass a specially crafted hostname to the affected function it may be possible to execute malicious code on the system.
At the time of writing at least one exploitable scenario has been successfully demonstrated within the Exim mail system, further vectors including attacks against WordPress are being actively explored within the security community.
Appcheck NG has been updated to test for all currently known vectors including:
* WordPress xmlrpc.php pingback
* Local detection
Further attack vectors will be added as soon as they become known.
Get started with Appcheck
No software to download or install.
Contact us or call us 0113 887 8380