Description

The GHOST vulnerability is a serious weakness in the Linux glibc library. It allows attackers to remotely take complete control of the victim system without having any prior knowledge of system credentials. A buffer overflow was discovered in the __nss_hostname_digits_dots() function of the GNU C Library (glibc). This bug is reachable both locally and remotely via the gethostbyname*() functions. Web applications can also be affected by this flaw. For example, WordPress can be exploited using the XML-RPC "pingback" functionality.

Remediation

To fix this issue apply a patch from your Linux vendor. The first vulnerable version of the GNU C Library affected by this is glibc-2.2. It was fixed on May 21, 2013 (between the releases of glibc-2.17 and glibc-2.18).

References

The GHOST Vulnerability

Qualys Security Advisory CVE-2015-0235

Related Vulnerabilities

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-7411)

Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4053)

Apache Traffic Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-3249)

Ruby Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-2339)

Python Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2010-2089)

Severity

High

Classification

CVE-2015-0235 CWE-119 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Buffer Overflow