Security experts warn enterprises to patch the serious “glibc” domain name system flaw now. The eight-year-old flaw in the open source GNU C library has been designated CVE-2015-7547. It’s not known how easily the flaw, which first appeared in glibc in 2008, could be exploited. Potentially, the vulnerability provides attackers with a “skeleton key of unknown strength,” warns Dan Kaminsky, who’s the chief scientist for anti-malware firm White Ops.”]
Source: https://www.cuinfosecurity.com/alert-patch-critical-skeleton-key-flaw-in-linux-a-8884