The GHOST vulnerability (CVE-2015-0235) is a very important weakness in the Linux glibc library. It allows context-dependent attackers to remotely take complete control of the remote system without having system credentials.
It can be exploited remotely through WordPress and likely other PHP applications to compromise Web servers.
During a code audit Qualys researchers discovered a buffer overflow in the __nss_hostname_digits_dots() function of glibc. This bug can be triggered both locally and remotely via all the gethostbyname*() functions. Applications have access to the DNS resolver primarily through the gethostbyname*() set of functions. These functions convert a hostname into an IP address.
January 27 2015 most of the Linux distributions have release updated packages, which
contain a backported patch to correct this issue. To resolve this vulnerability, a patch is required followed by a reboot of the system.
Oracle Enterprise Linux: https://oss.oracle.com/pipermail/el-errata/2015-January/004810.html
GNU C Library: http://www.gnu.org/software/libc/
The entire Linux community thanks Qualys for reporting this issue.