Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
Configuration 7 (hide)
|
History
14 Feb 2024, 01:17
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf - Broken Link, URL Repurposed |
05 Jul 2022, 18:42
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:php:php:*:*:*:*:*:*:*:* | |
References | (MISC) http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html - Exploit, Third Party Advisory, VDB Entry | |
References | (FULLDISC) http://seclists.org/fulldisclosure/2019/Jun/18 - Exploit, Mailing List, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/62813 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/62667 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/62517 - Not Applicable | |
References | (MISC) http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html - Exploit, Third Party Advisory, VDB Entry | |
References | (SECUNIA) http://secunia.com/advisories/62871 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/62758 - Not Applicable | |
References | (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html - Patch, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/62812 - Not Applicable | |
References | (FULLDISC) http://seclists.org/fulldisclosure/2022/Jun/36 - Exploit, Mailing List, Third Party Advisory | |
References | (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html - Patch, Third Party Advisory | |
References | (MISC) http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html - Exploit, Third Party Advisory, VDB Entry | |
References | (SECUNIA) http://secunia.com/advisories/62681 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/62883 - Not Applicable | |
References | (MLIST) http://www.openwall.com/lists/oss-security/2021/05/04/7 - Exploit, Mailing List | |
References | (SECUNIA) http://secunia.com/advisories/62870 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/62692 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/62688 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/62680 - Not Applicable | |
References | (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html - Patch, Third Party Advisory | |
References | (MISC) https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9 - Third Party Advisory | |
References | (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html - Patch, Third Party Advisory | |
References | (BUGTRAQ) https://seclists.org/bugtraq/2019/Jun/14 - Exploit, Mailing List, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/62691 - Not Applicable | |
References | (CONFIRM) http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0 - Broken Link, Permissions Required | |
References | (FULLDISC) http://seclists.org/fulldisclosure/2021/Sep/0 - Exploit, Mailing List, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/62816 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/62879 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/62640 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/62865 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/62690 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/62715 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/62698 - Not Applicable | |
References | (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html - Patch, Third Party Advisory |
20 Jun 2022, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
17 Jun 2022, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
17 Nov 2021, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
10 Nov 2021, 01:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
05 Nov 2021, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
01 Sep 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
01 Sep 2021, 13:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2015-01-28 19:59
Updated : 2024-02-14 01:17
NVD link : CVE-2015-0235
Mitre link : CVE-2015-0235
CVE.ORG link : CVE-2015-0235
JSON object : View
Products Affected
oracle
- communications_eagle_lnp_application_processor
- exalogic_infrastructure
- communications_eagle_application_processor
- communications_policy_management
- communications_application_session_controller
- linux
- communications_user_data_repository
- vm_virtualbox
- communications_webrtc_session_controller
- communications_session_border_controller
- communications_lsms
debian
- debian_linux
redhat
- virtualization
ibm
- pureapplication_system
- security_access_manager_for_enterprise_single_sign-on
php
- php
gnu
- glibc
apple
- mac_os_x
CWE
CWE-787
Out-of-bounds Write