10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.975 High
EPSS
Percentile
100.0%
Heap-based buffer overflow in the __nss_hostname_digits_dots function in
glibc 2.2, and other 2.x versions before 2.18, allows context-dependent
attackers to execute arbitrary code via vectors related to the (1)
gethostbyname or (2) gethostbyname2 function, aka βGHOST.β
launchpad.net/bugs/cve/CVE-2015-0235
nvd.nist.gov/vuln/detail/CVE-2015-0235
security-tracker.debian.org/tracker/CVE-2015-0235
sourceware.org/git/?p=glibc.git;a=commitdiff;h=d5dd6189d506068ed11c8bfa1e1e9bffde04decd
ubuntu.com/security/notices/USN-2485-1
wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GHOST
www.cve.org/CVERecord?id=CVE-2015-0235