CVE-2015-0235 : Detail

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

Related Weaknesses

Metrics

EPSS

EPSS Score

EPSS Percentile

Exploit information

Exploit Database EDB-ID : 35951

Publication date : 2015-01-28 23h00 +00:00
Author : 1n3
EDB Verified : No

Exploit Database EDB-ID : 36421

Publication date : 2015-03-17 23h00 +00:00
Author : Qualys Corporation
EDB Verified : Yes

Products Mentioned

Configuraton 0

Gnu>>Glibc >> Version From (including) 2.0 To (excluding) 2.18

Configuraton 0

Oracle>>Communications_application_session_controller >> Version To (excluding) 3.7.1

Oracle>>Communications_eagle_application_processor >> Version 16.0

Oracle>>Communications_eagle_lnp_application_processor >> Version 10.0

Oracle>>Communications_lsms >> Version 13.1

Oracle>>Communications_policy_management >> Version 9.7.3

Oracle>>Communications_policy_management >> Version 9.9.1

Oracle>>Communications_policy_management >> Version 10.4.1

Oracle>>Communications_policy_management >> Version 11.5

Oracle>>Communications_policy_management >> Version 12.1.1

Oracle>>Communications_session_border_controller >> Version To (excluding) 7.2.0

Oracle>>Communications_session_border_controller >> Version 7.2.0

Oracle>>Communications_session_border_controller >> Version 8.0.0

Oracle>>Communications_user_data_repository >> Version From (including) 10.0.0 To (including) 10.0.1

Oracle>>Communications_webrtc_session_controller >> Version 7.0

Oracle>>Communications_webrtc_session_controller >> Version 7.1

Oracle>>Communications_webrtc_session_controller >> Version 7.2

Oracle>>Exalogic_infrastructure >> Version 1.0

Oracle>>Exalogic_infrastructure >> Version 2.0

Oracle>>Vm_virtualbox >> Version To (excluding) 5.1.24

Oracle>>Linux >> Version 5

Oracle>>Linux >> Version 7

Configuraton 0

Debian>>Debian_linux >> Version 7.0

Debian>>Debian_linux >> Version 8.0

Configuraton 0

Redhat>>Virtualization >> Version 6.0

Configuraton 0

Apple>>Mac_os_x >> Version To (excluding) 10.11.1

Configuraton 0

Ibm>>Pureapplication_system >> Version 1.0.0.0

Ibm>>Pureapplication_system >> Version 1.1.0.0

Ibm>>Pureapplication_system >> Version 2.0.0.0

Ibm>>Security_access_manager_for_enterprise_single_sign-on >> Version 8.2

Configuraton 0

Php>>Php >> Version From (including) 5.4.0 To (excluding) 5.4.38

Php>>Php >> Version From (including) 5.5.0 To (excluding) 5.5.22

Php>>Php >> Version From (including) 5.6.0 To (excluding) 5.6.6

References