GNU Glibc Remote Heap Buffer Overflow Vulnerability (Wordpress) Network Vulnerability

Summary

The remote host is using a version of glibc which is prone to a heap-based buffer-overflow vulnerability.

Impact

An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts may crash the application, denying service to legitimate users.

Solution

Update your glibc and reboot.

Detection

Send a special crafted XML POST request and check the response

References

http://www.gnu.org/software/libc/
http://www.securityfocus.com/bid/72325

Updated on 2015-03-25

Severity

Classification

CVE CVE-2015-0235

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Artifectx xClassified 'catid' SQL Injection Vulnerability
Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object Remote Code Execution
Apache Struts2 Redirection and Security Bypass Vulnerabilities
ASAS Server End User Self Service (EUSS) SQL Injection Vulnerability
ApPHP MicroBlog Remote Code Execution Vulnerability

GNU glibc Remote Heap Buffer Overflow Vulnerability (Wordpress)

Take action and discover your vulnerabilities