Glibc gethostbyname Buffer Overflow Vulnerability (CVE-2015-0235)

Source: Internet
Author: User

Glibc gethostbyname Buffer Overflow Vulnerability (CVE-2015-0235)

Release date:
Updated on:

Affected Systems:
GNU glibc< 2.18
Unaffected system:
The GNU glibc 2.18
Description:
Bugtraq id: 72325
CVE (CAN) ID: CVE-2015-0235

Glibc is the libc library released by GNU, that is, the c Runtime Library. Glibc is the most underlying api in linux, and almost any other Runtime Library depends on glibc.

In versions earlier than glibc 2.18, The __nss_hostname_digits_dots () function has the heap buffer overflow vulnerability. This function is used when the gethostbyname () and gethostbyname2 () glibc functions are called. If a remote attacker can call any of these functions, the vulnerability can be exploited to execute arbitrary code with the current user permission. Although this vulnerability was fixed in May 21, 2013 (A version between glibc-2.17 and glibc-2.18), it is not considered a vulnerability and currently has an impact such as Debian 7 (wheezy ), red Hat Enterprise Linux 6 & 7, CentOS 6 & 7, Ubuntu 12.04, and many other Linux distributions.

This vulnerability is triggered by calling the gethostbyname () method by the application. The vulnerability can be triggered only when multiple conditions are met. Currently, most local SUID programs and service programs are not affected. Currently, the affected application is known as the exim4 mail service program. If you have set additional security checks for HELO and EHELO commands (not the default configuration), you can remotely execute arbitrary code.

<* Source: Qualys

Link: https://bugzilla.redhat.com/show_bug.cgi? CVE-2015-0235
Http://www.openwall.com/lists/oss-security/2015/01/27/9
*>

Suggestion:
Vendor patch:

GNU
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www.gnu.org
Https://sourceware.org/git? P = glibc. git; a = commit; h = d5dd6189d506068ed11c8bfa1e1e9bffde04decd

Refer:

Http://www.openwall.com/lists/oss-security/2015/01/27/9
Https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability

Dangerous! GHOST (GHOST) vulnerability exposure

GNU glibc gethostbyname Buffer Overflow Vulnerability

This article permanently updates the link address:

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.