Jump to content
Aerosol

Indian Copy/Paste shit about Glibc Ghost Vulnerability

Recommended Posts

Description
Heap
-
based buffer overflow in the __nss_hostname_digits_dots functi
on in glibc 2.2, and other
2.x versions before 2.18, allows context
-
dependent attackers to execute arbitrary code via
vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST.
"
The GHOST vulnerability is a serious weakness in th
e Linux glibc library. It allows attackers to
remotely take complete control of the victim system without having any prior knowledge of
system credentials.
CVE
-
2015
-
0235
has been a
ssigned to this issue.
Qualys security researchers discovered this bug and worked closely with Linux distribution
vendors. And as a result of that we are releasing
this
advisory
today as a
coordinated
effort, and
patches for all distribution are available January 27, 2015.

Read more: http://dl.packetstormsecurity.net/papers/general/securing-ghost.pdf

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...