GHOST: glibc vulnerability (CVE-2015-0235)

 

Date

27-01-2015

Affected Product

Debian operating system

 

Background

Nervepoint Technologies was made aware of a vulnerability in the glibc library, which has been assigned CVE-2015-0235 and is commonly referred to as 'GHOST'. All versions of glibc are affected.

 

Details

GHOST is a 'buffer overflow' bug affecting the gethostbyname() and gethostbyname2() function calls in the glibc library. This vulnerability allows a remote attacker that is able to make an application call to either of these functions to execute arbitrary code with the permissions of the user running the application.

The gethostbyname() function calls are used for DNS resolving, which is a very common event. To exploit this vulnerability, an attacker must trigger a buffer overflow by supplying an invalid hostname argument to an application that performs a DNS resolution.

 

Resolution

Access Manager interfaces directly with the Debian update service and received updates directly. An update for CVE-2015-0235 was released on 27th January 2015 in wheezy (security) 2.13-38+deb7u7 more details here DSA-3142. All users with valid support subscriptions will have received this update.

Have more questions? Submit a request

Comments

Powered by Zendesk