GHOST is a 'buffer overflow' bug affecting the gethostbyname() and
gethostbyname2() function calls in the glibc library. This
vulnerability allows a remote attacker that is able to make an
application call to either of these functions to execute arbitrary
code with the permissions of the user running the application.
The gethostbyname() function calls are used for DNS resolving, which
is a very common event. To exploit this vulnerability, an attacker
must trigger a buffer overflow by supplying an invalid hostname
argument to an application that performs a DNS resolution.