Computer Security
[EN] securityvulns.ru no-pyccku


CVECVE-2015-0235
StatusCandidate
DescriptionHeap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
Severity
High
CVSS score10
CVSS vector(AV:N/AC:L/Au:N/C:C/I:C/A:C)
PhaseAssigned (09.10.2015)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-0235
ReferencesBUGTRAQ : 20150127 GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)
 BUGTRAQ : 20150127 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow
 CISCO : 20150128 GNU glibc gethostbyname Function Buffer Overflow Vulnerability
 FULLDISC : 20150128 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow
 BUGTRAQ : 20150311 OpenSSL v1.0.2 for Linux affected by CVE-2015-0235
 SECUNIA : 62517
 SECUNIA : 62640
 SECUNIA : 62667
 SECUNIA : 62680
 SECUNIA : 62681
 SECUNIA : 62688
 SECUNIA : 62690
 SECUNIA : 62691
 SECUNIA : 62692
 SECUNIA : 62698
 SECUNIA : 62715
 SECUNIA : 62865
 SECUNIA : 62870
 SECUNIA : 62871
 SECUNIA : 62879
 SECUNIA : 62883
 BID : 72325
 DEBIAN : DSA-3142
 HP : HPSBGN03270
 HP : HPSBHF03289
 CONFIRM : http://blogs.sophos.com/2015/01/29/sophos-products...
 CONFIRM : http://linux.oracle.com/errata/ELSA-2015-0090.html
 CONFIRM : http://linux.oracle.com/errata/ELSA-2015-0092.html
 MISC : http://packetstormsecurity.com/files/130171/Exim-E...
 MISC : http://packetstormsecurity.com/files/130768/EMC-Se...
 MISC : http://packetstormsecurity.com/files/130974/Exim-G...
 CONFIRM : http://www-01.ibm.com/support/docview.wss?uid=swg2...
 CONFIRM : http://www-01.ibm.com/support/docview.wss?uid=swg2...
 CONFIRM : http://www-01.ibm.com/support/docview.wss?uid=swg2...
 CONFIRM : http://www-01.ibm.com/support/docview.wss?uid=swg2...
 CONFIRM : http://www-01.ibm.com/support/docview.wss?uid=swg2...
 CONFIRM : http://www-01.ibm.com/support/docview.wss?uid=swg2...
 CONFIRM : http://www-01.ibm.com/support/docview.wss?uid=swg2...
 CONFIRM : http://www.idirect.net/Partners/~/media/Files/CVE/...
 CONFIRM : http://www.oracle.com/technetwork/topics/security/...
 CONFIRM : http://www.websense.com/support/article/kbarticle/...
 CONFIRM : https://bto.bluecoat.com/security-advisory/sa90
 MISC : https://community.qualys.com/blogs/laws-of-vulnera...
 CONFIRM : https://kb.juniper.net/InfoCenter/index?page=conte...
 CONFIRM : https://kc.mcafee.com/corporate/index?page=content...
 MISC : https://www.qualys.com/research/security-advisorie...
 CONFIRM : https://www.sophos.com/en-us/support/knowledgebase...
 MANDRIVA : MDVSA-2015:039
 REDHAT : RHSA-2015:0126
 HP : SSRT101937
 HP : SSRT101953
SecurityVulns:Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities
 Apple Mac OS X / EFI multiple security vulnerabilities
 Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities
 EMC Secure Remote Services Virtual Edition multiple security vulnerabilities
 Apple Mac OS X / Mac EFI / OS X Server multiple security vulnerabilities
 GNU glibc gethostbyname functions buffer overflow
 Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities
 Apple Mac OS X / Mac EFI / OS X Server multiple security vulnerabilities
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod