curl: Heap buffer overflow in Curl_ipv4_resolve_r due to incorrect buffer alignment and size calculation on AmigaOS

Summary: A heap-based buffer overflow exists in the AmigaOS-specific DNS resolution function Curlipv4resolver located in lib/amigaos.c. The function uses gethostbynamer with a fixed-size heap buffer CURLHOSTENTSIZE and performs incorrect pointer arithmetic when calculating the data buffer offset...

Exploit for Out-of-bounds Write in Gnu Glibc

PoC exploit for CVE-2015-0235, a vulnerability in the gethostbyname2r and gethostbynamer functions of the glibc library. The exploit is a shared library wrapper that provides an additional check for the vulnerable functions, preventing them from being called. The target is the glibc library,...

K16865: GNU C Library (glibc) vulnerability CVE-2015-1781

Security Advisory Description A buffer overflow flaw was found in the way glibc's gethostbynamer and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could u...

SUSE CVE-2015-1781

Buffer overflow in the gethostbynamer and other unspecified NSS functions in the GNU C Library aka glibc or libc6 before 2.22 allows context-dependent attackers to cause a denial of service crash or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer...

glibc: buffer overflow in gethostbyname_r() and related functions with misaligned buffer

A buffer overflow flaw was found in the way glibc's gethostbynamer and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could use this flaw to crash the...

glibc: buffer overflow in gethostbyname_r() and related functions with misaligned buffer

A buffer overflow flaw was found in the way glibc's gethostbynamer and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could use this flaw to crash the...

Buffer overflow

Buffer overflow in the gethostbynamer and other unspecified NSS functions in the GNU C Library aka glibc or libc6 before 2.22 allows context-dependent attackers to cause a denial of service crash or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer...

UBUNTU-CVE-2015-1781

Buffer overflow in the gethostbynamer and other unspecified NSS functions in the GNU C Library aka glibc or libc6 before 2.22 allows context-dependent attackers to cause a denial of service crash or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer...

glibc security update

2.5-123.0.1.el511.3 - Switch to use malloc when the input line is too long Orabug 19951108 Jason Luan - Use a /sys/devices/system/cpu/online for SCNPROCESSORSONLN implementation Orabug 17642251 Joe Jin 2.5-123.3 - Fix invalid-free when using getaddrinfo and AIIDN CVE-2013-7424, 2.5-123.1 - Fix...

Debian DLA-230-1 : eglibc security update

Arjun Shankar of Red Hat discovered that gethostbynamer and related functions compute the size of an input buffer incorrectly if the passed-in buffer is misaligned. This results in a buffer overflow. For the oldoldstable distribution squeeze, this problem has been fixed in version 2.11.3-4+deb6u6...

Multiple buffer overflow vulnerabilities in GNU glibc

glibc is the libc library, or c runtime library, released by GNU. glibc is the lowest level api in the linux system, and almost any other runtime library will depend on glibc. A buffer overflow vulnerability exists in the gethostbynamer and other functions of GNU glibc. An attacker exploiting thi...

GNU glibc security vulnerabilities

пgethostbynamer buffer overflow, getaddrinfo race conditions...

Amazon Linux AMI : glibc (ALAS-2015-513)

A buffer overflow flaw was found in the way glibc's gethostbynamer and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could use this flaw to crash the...

Medium: glibc

Issue Overview: A buffer overflow flaw was found in the way glibc's gethostbynamer and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could use this flaw t...

Moderate: Red Hat Security Advisory: glibc security and bug fix update

Updated glibc packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

glibc: buffer overflow in gethostbyname_r() and related functions with misaligned buffer

A buffer overflow flaw was found in the way glibc's gethostbynamer and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could use this flaw to crash the...

Oracle Linux 7 : glibc (ELSA-2015-0327)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0327 advisory. - Fix parsing of numeric hosts in gethostbynamer CVE-2015-0235, 1183545. - Prevent NSS-based file backend from entering infinite loop when different AP...

Exploit for Out-of-bounds Write in Gnu Glibc

CVE-2015-0235-workaround aka GHOST glibc vulnerability A shar...

glibc security update

2.3.4-2.57.0.1.el4.1 - CVE-2015-0235 Fix parsing of numeric hosts in gethostbynamer John Haxby orabug 20439586...

glibc security update

2.5-123.0.1.el511.1 - Switch to use malloc when the input line is too long Orabug 19951108 - Use a /sys/devices/system/cpu/online for SCNPROCESSORSONLN implementation Orabug 17642251 Joe Jin 2.5-123.1 - Fix parsing of numeric hosts in gethostbynamer CVE-2015-0235, 1183532...