Vulnerability Description
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gnu | Glibc | >= 2.0, < 2.18 |
| Oracle | Communications Application Session Controller | < 3.7.1 |
| Oracle | Communications Eagle Application Processor | 16.0 |
| Oracle | Communications Eagle Lnp Application Processor | 10.0 |
| Oracle | Communications Lsms | 13.1 |
| Oracle | Communications Policy Management | 9.7.3 |
| Oracle | Communications Session Border Controller | < 7.2.0 |
| Oracle | Communications User Data Repository | >= 10.0.0, <= 10.0.1 |
| Oracle | Communications Webrtc Session Controller | 7.0 |
| Oracle | Exalogic Infrastructure | 1.0 |
| Oracle | Vm Virtualbox | < 5.1.24 |
| Oracle | Linux | 5 |
| Debian | Debian Linux | 7.0 |
| Redhat | Virtualization | 6.0 |
| Apple | Mac Os X | < 10.11.1 |
| Ibm | Pureapplication System | 1.0.0.0 |
| Ibm | Security Access Manager For Enterprise Single Sign-On | 8.2 |
| Php | Php | >= 5.4.0, < 5.4.38 |
Related Weaknesses (CWE)
References
- http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-aThird Party Advisory
- http://linux.oracle.com/errata/ELSA-2015-0090.htmlThird Party Advisory
- http://linux.oracle.com/errata/ELSA-2015-0092.htmlThird Party Advisory
- http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.htmlMailing ListThird Party Advisory
- http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.htmlMailing ListThird Party Advisory
- http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.htmlMailing ListThird Party Advisory
- http://marc.info/?l=bugtraq&m=142296726407499&w=2Issue TrackingMailing ListThird Party Advisory
- http://marc.info/?l=bugtraq&m=142721102728110&w=2Issue TrackingMailing ListThird Party Advisory
- http://marc.info/?l=bugtraq&m=142722450701342&w=2Issue TrackingMailing ListThird Party Advisory
- http://marc.info/?l=bugtraq&m=142781412222323&w=2Issue TrackingMailing ListThird Party Advisory
- http://marc.info/?l=bugtraq&m=143145428124857&w=2Issue TrackingMailing ListThird Party Advisory
- http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.hExploitThird Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQLThird Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-BuffeExploitThird Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-SExploitThird Party AdvisoryVDB Entry
FAQ
What is CVE-2015-0235?
CVE-2015-0235 is a vulnerability with a CVSS score of 10.0 (HIGH). Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related...
How severe is CVE-2015-0235?
CVE-2015-0235 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-0235?
Check the references section above for vendor advisories and patch information. Affected products include: Gnu Glibc, Oracle Communications Application Session Controller, Oracle Communications Eagle Application Processor, Oracle Communications Eagle Lnp Application Processor, Oracle Communications Lsms.