Vulnerability

Linux Kernel Dirty COW exploit POC examples

Dirty COW (CVE-2016-5195, https://dirtycow.ninja/) is the latest vulnerability to be given a brand and is being dubbed the biggest privilege escalation vulnerability to date on Linux. The reason for all the hype is the number of devices the vulnerability affects: it has been in the Linux kernel since 2.6.22 (2007) and is easy to exploit reliably. That’s enough of the background info; follow the link above if you want to learn more.

GHOST glibc vulnerability CVE-2015-0235

A new, dangerous and widespread vulnerability has been found in the GNU C Library (glibc) and has been nicknamed GHOST after the function that is affected; its real name is CVE-2015-0235. The work carried out by Qualys (https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability) has found that certain functions in the library are vulnerable to a buffer overflow attack, giving the attacker full remote access to the victim. “During a code audit Qualys researchers discovered a buffer overflow in the __nss_hostname_digits_dots() function of glibc.