123 matches found
FreeBSD : php5 -- multiple vulnerabilities (f7a9e415-bdca-11e4-970c-000c292ee6b8) (GHOST)
The PHP Project reports : Use after free vulnerability in unserialize with DateTimeZone. Mitigation for CVE-2015-0235 -- GHOST: glibc gethostbyname buffer overflow. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the...
Security Advisory - Glibc Buffer Overflow Vulnerability
Huawei noticed that Qualys had disclosed the buffer overflow in the GNU C Library glibc on January 27th, 2015, Applications call various gethostbyname function are affected and attackers can exploit this vulnerability to perform remote code execution. Vulnerability ID: HWPSIRT-2015-01045 This...
PHP 5.6.x < 5.6.6 Multiple Vulnerabilities (GHOST)
According to its banner, the version of PHP 5.6.x installed on the remote host is prior to 5.6.6. It is, therefore, affected by multiple vulnerabilities : - A heap-based buffer overflow flaw in the enchantbrokerrequestdict function in ext/enchant/enchant.c could allow a remote attacker to cause a...
Cisco TelePresence Conductor GNU glibc gethostbyname Function Buffer Overflow Vulnerability (GHOST)
According to its self-reported version number, the Cisco TelePresence Conductor remote device is affected by a heap-based buffer overflow vulnerability in the GNU C Library glibc due to improperly validating user-supplied input to the nsshostnamedigitsdots, gethostbyname, and gethostbyname2...
php5 -- multiple vulnerabilities
The PHP Project reports: Use after free vulnerability in unserialize with DateTimeZone. Mitigation for CVE-2015-0235 -- GHOST: glibc gethostbyname buffer overflow...
Mandriva Linux Security Advisory : glibc (MDVSA-2015:039)
A vulnerability has been discovered and corrected in glibc : Heap-based buffer overflow in the nsshostnamedigitsdots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the 1 gethostbyname or 2 gethostbynam...
By the Ghost vulnerability to cause“bloodshed”-vulnerability warning-the black bar safety net
0x00 background Recently a security company found the glibc gethostbyname buffer overflow vulnerability, the vulnerability is named ghost, the reason is glibc's Gethostbyname functions in processing incoming malformations of the domain information for parsing leads to heap overflow, numerous web...
GNU glibc gethostbyname functions buffer overflow
Buffer overflow in nsshostnamedigitsdots...
SuSE 10 Security Update : glibc (ZYPP Patch Number 9035)
This update for glibc fixes the following security issue : - A vulnerability was found and fixed in the GNU C Library, specifically in the function gethostbyname, that can lead to a local or remote buffer overflow. bsc913646. CVE-2015-0235 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
Exim ESMTP 4.80 - glibc gethostbyname Denial of Service
Exim ESMTP 4.80 - glibc gethostbyname Denial of Service Exploit Title: Exim ESMTP GHOST DoS PoC Exploit Date: 1/29/2015 Exploit Author: 1N3 Vendor Homepage: www.exim.org Version: 4.80 or less Tested on: debian-7-7-64b CVE : 2015-0235 !/usr/bin/python Exim ESMTP DoS Exploit by 1N3 v20150128...
FreeBSD : glibc -- gethostbyname buffer overflow (0765de84-a6c1-11e4-a0c1-c485083ca99c) (GHOST)
Robert Kratky reports : GHOST is a 'buffer overflow' bug affecting the gethostbyname and gethostbyname2 function calls in the glibc library. This vulnerability allows a remote attacker that is able to make an application call to either of these functions to execute arbitrary code with the...
GNU glibc gethostbyname Function Buffer Overflow Vulnerability
On January 27, 2015, a buffer overflow vulnerability in the GNU C library glibc was publicly announced. This vulnerability is related to the various gethostbyname functions included in glibc and affects applications that call these functions. This vulnerability may allow an attacker to obtain...
Heap overflow in glibc 2.2 name resolution (CVE-2015-0235)
Heap-based buffer overflow in the nsshostnamedigitsdots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the 1 gethostbyname or 2 gethostbyname2 function, aka "GHOST."...
DEBIAN-CVE-2015-0235
Heap-based buffer overflow in the nsshostnamedigitsdots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the 1 gethostbyname or 2 gethostbyname2 function, aka "GHOST."...
Heap overflow
Heap-based buffer overflow in the nsshostnamedigitsdots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the 1 gethostbyname or 2 gethostbyname2 function, aka "GHOST."...
CVE-2015-0235
Heap-based buffer overflow in the nsshostnamedigitsdots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the 1 gethostbyname or 2 gethostbyname2 function, aka "GHOST."...
CVE-2015-0235
CVE-2015-0235 (GHOST) is a heap-based buffer overflow in glibc’s __nss_hostname_digits_dots() used by gethostbyname/gethostbyname2. Affected glibc versions include 2.2 up to 2.17; patched in glibc-2.18 and later. Exploitation could allow remote or context-dependent arbitrary code execution depend...
CVE-2015-0235
Heap-based buffer overflow in the nsshostnamedigitsdots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the 1 gethostbyname or 2 gethostbyname2 function, aka "GHOST."...
CVE-2015-0235
Heap-based buffer overflow in the nsshostnamedigitsdots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the 1 gethostbyname or 2 gethostbyname2 function, aka "GHOST."...
glibc: __nss_hostname_digits_dots() heap-based buffer overflow
A heap-based buffer overflow was found in glibc's nsshostnamedigitsdots function, which is used by the gethostbyname and gethostbyname2 glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the...