Glibc Buffer Overflow "GHOST" vulnerability

Last Update Date: 30 Jan 2015 09:43 Release Date: 30 Jan 2015 3837 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - Linux

TYPE: Linux

A vulnerability was identified in Glibc. A remote user can execute arbitrary code on the target system. A local user can obtain elevated privileges on the target system.

 

A remote or local user can send specially crafted data to trigger a buffer overflow in __nss_hostname_digits_dots() and execute arbitrary code on the target system. The code will run with the privileges of the target application or service using the glibc library.

 

The buffer overflow can be accessed via the various gethostbyname() functions.

Impact

  • Elevation of Privilege
  • Remote Code Execution

System / Technologies affected

  • glibc versions 2.2 - 2.17

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 2.18 or later

Vulnerability Identifier

Related Link

Share with

Previous

Apple Products (OS X, Safari, iOS and Apple TV) Multiple Vulnerabilities

29 Jan 2015 3837 Views

Next

Microsoft Internet Explorer Cross-Site Scripting Attack Vulnerability

3 Feb 2015 3889 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY