Critical security bug hits South African websites

Many Linux-hosted websites, including those hosted in South Africa, are vulnerable to a “potentially catastrophic” flaw in a core software library.

By - February 17, 2016 Share on LinkedIn
Critical software security bug

A severe vulnerability recently uncovered in the widely-used GNU C Library (glibc) can cause severe security problems for websites if they don’t patch soon.

Ars Technica recently reported that the bug was introduced in 2008 in a function known as getaddrinfo(), and affects all kinds of devices — not just web servers.

All versions of glibc after 2.9 are vulnerable to a buffer overflow bug that lets attackers remotely execute malicious code.

It can be exploited in a number of ways, such as when vulnerable devices or applications perform domain name lookups on attacker-controlled domains, or domain name servers.

Researchers have warned that tools such as SSH, sudo, wget, and curl are all known to be vulnerable.

Ars reported that one Linux-based platform that is not vulnerable is Android, with Google explaining that it uses a substitute for glibc called Bionic.

Hetzner servers patched

Hetzner has sent an alert to its custom hosting customers informing them about the vulnerability, and recommending that they reboot their servers.

All affected services on Hetzner’s managed server platform will be restarted without the servers themselves being rebooted.

This is in order to minimise the impact on customers, and is in line with Debian’s security advisory, Hetzner said.

Anonymous hacks and leaks South African government data

The South African government passwords cracked in Anonymous database hack

Hetzner partners with DFA to offer greater ISP choice

Inside Hetzner’s new data centre

Share your thoughts

Join the conversation

Connect with Us

androidappletwitterfacebookgoogleplusfeednewsletter

Poll

Do you regularly make phone calls using your smartphone?

View Results

Loading ... Loading ...

More News

How to make your house super-secure in South Africa

Electric fence

Technology can help you create a secure and smart home in South Africa, which keeps criminals out and keeps your family safe.

Facebook testing major change to how videos play in your feed

Facebook Web

Facebook is testing a significant change in how it plays videos displayed in your feed.

Free Opera VPN comes to Android

Opera browser logo

Opera has brought its free VPN service to Android, which blocks ad trackers and lets you change your virtual location.

Four arrested in Cape Town for online dating scam

Online dating scam

Two local women and two Nigerian men were arrested in connection with online dating scams.

Free MyBroadband Newsletter
×