A “GHOST” vulnerability exists in the Linux gethostbyname() function – hence the GHOST name – that was added to glibc-2.2, which was released on Nov. 10, 2000. The bug could be used to trigger a buffer overflow and then execute code of an attacker’s choosing. Patches are available from Ubuntu and Red Hat, the U.S. Computer Emergency Response Team says in a Jan. 27 alert. An attacker could send a simple e-mail on a Linux-based system and automatically get complete access to that machine.”]
Source: https://www.cuinfosecurity.com/serious-ghost-flaw-puts-linux-at-risk-a-7848