Lucene search
K

123 matches found

Tenable Nessus
Tenable Nessus
added 2015/02/27 12:0 a.m.66 views

FreeBSD : php5 -- multiple vulnerabilities (f7a9e415-bdca-11e4-970c-000c292ee6b8) (GHOST)

The PHP Project reports : Use after free vulnerability in unserialize with DateTimeZone. Mitigation for CVE-2015-0235 -- GHOST: glibc gethostbyname buffer overflow. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the...

10CVSS7.4AI score0.94859EPSS
Exploits38References6
Huawei
Huawei
added 2015/02/26 12:0 a.m.151 views

Security Advisory - Glibc Buffer Overflow Vulnerability

Huawei noticed that Qualys had disclosed the buffer overflow in the GNU C Library glibc on January 27th, 2015, Applications call various gethostbyname function are affected and attackers can exploit this vulnerability to perform remote code execution. Vulnerability ID: HWPSIRT-2015-01045 This...

10CVSS8AI score0.94859EPSS
Exploits29Affected Software97
Tenable Nessus
Tenable Nessus
added 2015/02/25 12:0 a.m.242 views

PHP 5.6.x < 5.6.6 Multiple Vulnerabilities (GHOST)

According to its banner, the version of PHP 5.6.x installed on the remote host is prior to 5.6.6. It is, therefore, affected by multiple vulnerabilities : - A heap-based buffer overflow flaw in the enchantbrokerrequestdict function in ext/enchant/enchant.c could allow a remote attacker to cause a...

10CVSS7.9AI score0.94859EPSS
Exploits41References9
Tenable Nessus
Tenable Nessus
added 2015/02/18 12:0 a.m.103 views

Cisco TelePresence Conductor GNU glibc gethostbyname Function Buffer Overflow Vulnerability (GHOST)

According to its self-reported version number, the Cisco TelePresence Conductor remote device is affected by a heap-based buffer overflow vulnerability in the GNU C Library glibc due to improperly validating user-supplied input to the nsshostnamedigitsdots, gethostbyname, and gethostbyname2...

10CVSS7.9AI score0.94859EPSS
Exploits29References4
FreeBSD
FreeBSD
added 2015/02/18 12:0 a.m.71 views

php5 -- multiple vulnerabilities

The PHP Project reports: Use after free vulnerability in unserialize with DateTimeZone. Mitigation for CVE-2015-0235 -- GHOST: glibc gethostbyname buffer overflow...

10CVSS8AI score0.94859EPSS
Exploits38References3
Tenable Nessus
Tenable Nessus
added 2015/02/11 12:0 a.m.52 views

Mandriva Linux Security Advisory : glibc (MDVSA-2015:039)

A vulnerability has been discovered and corrected in glibc : Heap-based buffer overflow in the nsshostnamedigitsdots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the 1 gethostbyname or 2 gethostbynam...

10CVSS8.1AI score0.94859EPSS
Exploits29References2
myhack58
myhack58
added 2015/02/04 12:0 a.m.10 views

By the Ghost vulnerability to cause“bloodshed”-vulnerability warning-the black bar safety net

0x00 background Recently a security company found the glibc gethostbyname buffer overflow vulnerability, the vulnerability is named ghost, the reason is glibc's Gethostbyname functions in processing incoming malformations of the domain information for parsing leads to heap overflow, numerous web...

0.9AI score
Exploits0
securityvulns
securityvulns
added 2015/02/02 12:0 a.m.73 views

GNU glibc gethostbyname functions buffer overflow

Buffer overflow in nsshostnamedigitsdots...

10CVSS3.8AI score0.94859EPSS
Exploits29References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/02/02 12:0 a.m.90 views

SuSE 10 Security Update : glibc (ZYPP Patch Number 9035)

This update for glibc fixes the following security issue : - A vulnerability was found and fixed in the GNU C Library, specifically in the function gethostbyname, that can lead to a local or remote buffer overflow. bsc913646. CVE-2015-0235 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

10CVSS7.5AI score0.94859EPSS
Exploits29References3
exploitpack
exploitpack
added 2015/01/29 12:0 a.m.115 views

Exim ESMTP 4.80 - glibc gethostbyname Denial of Service

Exim ESMTP 4.80 - glibc gethostbyname Denial of Service Exploit Title: Exim ESMTP GHOST DoS PoC Exploit Date: 1/29/2015 Exploit Author: 1N3 Vendor Homepage: www.exim.org Version: 4.80 or less Tested on: debian-7-7-64b CVE : 2015-0235 !/usr/bin/python Exim ESMTP DoS Exploit by 1N3 v20150128...

10CVSS0.1AI score0.94859EPSS
Exploits29
Tenable Nessus
Tenable Nessus
added 2015/01/29 12:0 a.m.70 views

FreeBSD : glibc -- gethostbyname buffer overflow (0765de84-a6c1-11e4-a0c1-c485083ca99c) (GHOST)

Robert Kratky reports : GHOST is a 'buffer overflow' bug affecting the gethostbyname and gethostbyname2 function calls in the glibc library. This vulnerability allows a remote attacker that is able to make an application call to either of these functions to execute arbitrary code with the...

10CVSS7.9AI score0.94859EPSS
Exploits29References4
Cisco
Cisco
added 2015/01/28 10:30 p.m.132 views

GNU glibc gethostbyname Function Buffer Overflow Vulnerability

On January 27, 2015, a buffer overflow vulnerability in the GNU C library glibc was publicly announced. This vulnerability is related to the various gethostbyname functions included in glibc and affects applications that call these functions. This vulnerability may allow an attacker to obtain...

10CVSS7.5AI score0.94859EPSS
Exploits29References1
ATTACKERKB
ATTACKERKB
added 2015/01/28 7:59 p.m.80 views

Heap overflow in glibc 2.2 name resolution (CVE-2015-0235)

Heap-based buffer overflow in the nsshostnamedigitsdots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the 1 gethostbyname or 2 gethostbyname2 function, aka "GHOST."...

10CVSS7.5AI score0.94859EPSS
Exploits29References100
OSV
OSV
added 2015/01/28 7:59 p.m.7 views

DEBIAN-CVE-2015-0235

Heap-based buffer overflow in the nsshostnamedigitsdots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the 1 gethostbyname or 2 gethostbyname2 function, aka "GHOST."...

10CVSS8.6AI score0.94859EPSS
Exploits29References1
Prion
Prion
added 2015/01/28 7:59 p.m.49 views

Heap overflow

Heap-based buffer overflow in the nsshostnamedigitsdots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the 1 gethostbyname or 2 gethostbyname2 function, aka "GHOST."...

10CVSS8.6AI score0.94859EPSS
Exploits29References90Affected Software18
OSV
OSV
added 2015/01/28 7:59 p.m.20 views

CVE-2015-0235

Heap-based buffer overflow in the nsshostnamedigitsdots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the 1 gethostbyname or 2 gethostbyname2 function, aka "GHOST."...

10CVSS7.2AI score0.94859EPSS
Exploits29References128
CVE
CVE
added 2015/01/28 7:0 p.m.596 views

CVE-2015-0235

CVE-2015-0235 (GHOST) is a heap-based buffer overflow in glibc’s __nss_hostname_digits_dots() used by gethostbyname/gethostbyname2. Affected glibc versions include 2.2 up to 2.17; patched in glibc-2.18 and later. Exploitation could allow remote or context-dependent arbitrary code execution depend...

10CVSS7.7AI score0.94859EPSS
In wildExploits29References90Affected Software1
Cvelist
Cvelist
added 2015/01/28 7:0 p.m.42 views

CVE-2015-0235

Heap-based buffer overflow in the nsshostnamedigitsdots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the 1 gethostbyname or 2 gethostbyname2 function, aka "GHOST."...

7.5AI score0.94859EPSS
Exploits29References90
Debian CVE
Debian CVE
added 2015/01/28 7:0 p.m.62 views

CVE-2015-0235

Heap-based buffer overflow in the nsshostnamedigitsdots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the 1 gethostbyname or 2 gethostbyname2 function, aka "GHOST."...

10CVSS8.8AI score0.94859EPSS
Exploits29
RedHat Linux
RedHat Linux
added 2015/01/28 5:13 p.m.4 views

glibc: __nss_hostname_digits_dots() heap-based buffer overflow

A heap-based buffer overflow was found in glibc's nsshostnamedigitsdots function, which is used by the gethostbyname and gethostbyname2 glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the...

10CVSS7.3AI score0.94859EPSS
Exploits29References8
Rows per page
Query Builder