Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2015-0235

CWE-787 — Out-of-bounds Write CWE-131 CWE-122 — Heap-based Buffer Overflow CWE-119 — Buffer Overflow27 documents16 sources

Severity

10.0CRITICAL

EPSS

84.9%

top 0.65%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Apple MAC OS X GNU Glibc Oracle Communications Application Session Controller +15 more

Timeline

PublishedJan 28

Latest updateMay 13

Description

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages18 packages

▶NVDgnu/glibc2.0 — 2.18

▶Debianglibc< 2.18-1+3

▶NVDphp/php5.4.0 — 5.4.38+2

▶NVDapple/mac_os_x< 10.11.1

▶NVDoracle/vm_virtualbox< 5.1.24

Also affects: Debian Linux 7.0, 8.0

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-jwcp-p679-fcr4: Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2↗2022-05-13

▶

OSV

CVE-2015-0235: Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2↗2015-01-28

▶

CVEList

CVE-2015-0235: Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2↗2015-01-28

▶

💥Exploits & PoCs

Exploit-DB

Exim - 'GHOST' glibc gethostbyname Buffer Overflow (Metasploit)↗2015-03-18

▶

Exploit-DB

Exim ESMTP 4.80 - glibc gethostbyname Denial of Service↗2015-01-29

▶

Metasploit

Exim GHOST (glibc gethostbyname) Buffer Overflow↗

▶

📋Vendor Advisories

Cisco

GNU glibc gethostbyname Function Buffer Overflow Vulnerability↗2015-01-29

▶

Ubuntu

GNU C Library vulnerability↗2015-01-27

▶

Red Hat

glibc: __nss_hostname_digits_dots() heap-based buffer overflow↗2015-01-27

▶

Debian

CVE-2015-0235: glibc - Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2...↗2015

▶

Apple

CVE-2015-0235: OS X El Capitan 10.11.1, Security Update 2015-004 Yosemite, and Security Update 2015-007 Mavericks↗

▶

🕵️Threat Intelligence

Qualys

Ghost Vulnerability: Remote Code Execution Exploit | Qualys↗2015-03-17

▶

Qualys

Ghost Vulnerability: Remote Code Execution Exploit | Qualys↗2015-03-17

▶

Talos

CVE-2015-0235: A GHOST in the Machine↗2015-01-28

▶

Talos

CVE-2015-0235: A GHOST in the Machine↗2015-01-28

▶

Qualys

GHOST Vulnerability CVE-2015-0235 | Linux glibc RCE Bug | Qualys↗2015-01-27

▶

💬Community

Bugzilla

update for CVE-2015-0235 missed by yum --security↗2015-01-28

▶

Bugzilla

CVE-2015-0235 glibc: __nss_hostname_digits_dots() heap-based buffer overflow↗2015-01-19

▶