Lucene search

K

RedhatCVELIST:CVE-2015-1781

HistorySep 28, 2015 - 8:00 p.m.

CVE-2015-1781

2015-09-2820:00:00

redhat

www.cve.org

8.8 High

AI Score

Confidence

High

0.105 Low

EPSS

Percentile

95.0%

Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.

References

lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html

lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html

lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html

www.debian.org/security/2016/dsa-3480

www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

www.securityfocus.com/bid/74255

www.securitytracker.com/id/1032178

www.ubuntu.com/usn/USN-2985-1

www.ubuntu.com/usn/USN-2985-2

rhn.redhat.com/errata/RHSA-2015-0863.html

security.gentoo.org/glsa/201602-02

sourceware.org/bugzilla/show_bug.cgi?id=18287

sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=2959eda9272a03386

www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html

8.8 High

AI Score

Confidence

High

0.105 Low

EPSS

Percentile

95.0%

Related for CVELIST:CVE-2015-1781

nessus26 ibm16 debian3 debiancve1 archlinux1 f52 prion1 cve1 ubuntucve1 checkpoint_advisories1 nvd1 openvas19 redhat3 centos2 oraclelinux2 amazon2 securityvulns2 suse2 fedora1 mageia1 osv1 ubuntu2 cloudfoundry1 gentoo1