AHosting Warns WordPress Web Hosting Users of Remote Code Execution Vulnerability

Furlow consulting

AHosting, a managed web hosting and WordPress hosting provider with owned/operated data center facilities in Orlando, FL, and Detroit, MI, has released an advisory warning for WordPress users to immediately update Linux servers in light of the recent discovery of the GHOST vulnerability.

AHosting has observed that a small number of WordPress hosting users misunderstand the scope of the vulnerability, they would mistakenly believe that by updating their WordPress installation, they remove the risk.

While WordPress can be used as a vector in the GHOST attack, it is not itself the cause of the vulnerability. AHosting wants to make it clear that only by upgrading the underlying server operating system can the risk of the GHOST exploit be mitigated.

wordpress-web-hosting“As a provider of content management system hosting, we updated all of our WordPress hosting servers as soon as the patches became available, but we’re seeing a number of dedicated server and virtual private server hosting clients failing to properly mitigate the risk of GHOST,” said Daniel Page, Director of Business Development at AHosting. “We want to increase awareness that updating a WordPress installation, or any other CMS installation, isn’t enough to remove the risk – the underlying operating system should be updated.” 

The GHOST vulnerability is caused by a overflow bug in the gethostbyname() function of the GNU C Library (glibc), which is an essential component of all Linux servers.

WordPress, along with many other applications, makes use of the gethostbyname() function via a PHP wrapper, which means that it may be possible for a malicious individual to use WordPress to trigger the overflow bug and have arbitrary code executed on the server.

The only way to remove the GHOST vulnerability is to upgrade the server’s version of the glibc library – all major Linux distributions have released patches.

Furlow consulting