Questions tagged [ghost]

GHOST (CVE-2015-0235) is a security vulnerability in the Linux glibc library.

To exploit it, the attacker needs to trigger a buffer overflow in the __nss_hostname_digits_dots() function of the GNU C Library (glibc). This bug is reachable both locally and remotely via the gethostbyname*() functions.

It allows the attacker to execute arbitrary code on the target machine.

Sources:
https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability
http://www.openwall.com/lists/oss-security/2015/01/27/9

5 questions
61 votes, 4 answers

GHOST bug: is there a simple way to test if my system is secure?

GHOST (CVE-2015-0235) just popped up. How can I quickly check if a system of mine is secure? Ideally with a one line shell command. According to the ZDNet article "you should then reboot the system". Ideally the test would also indicate this...
the
14 votes, 1 answer

Does the GHOST vulnerability affect Macs?

Although the vulnerability targets Linux, I have read that it is really a glibc vulnerability, and some sites suggest that one should install a fix on any platform. I know that there are a lot of packages out there that let you install glibc…
Michael
10 votes, 1 answer

Is Java vulnerable to glibc GHOST Vulnerability in Linux?

I see on our RedHat Linux platform that the "java" process has a dependency on the glibc library: [root@hpproliant1 ~]# ldd /usr/bin/java linux-gate.so.1 => (0xffffe000) libpthread.so.0 => /lib/libpthread.so.0 (0xf7f77000) libjli.so =>…
Mert Z.
10 votes, 1 answer

GHOST: which services are vulnerable, ssh, web server?

GHOST (CVE-2015-0235) just popped up. "GHOST bug: is there a simple way to test if my system is secure?" deals with how to find out if your system is vulnerable. exim is mentioned specifically. Apparently OpenSSH is vulnerable but attacks can easily…
the
1 vote, 2 answers

Can an executable be scanned for calls to the vulnerable glibc ghost functions?

The ghost vulnerability has the potential to be vulnerable to many many pieces of software that call the gethostbyname() and gethostbyname2() functions. Is there an easy way to scan an executable to determine if it makes use of either of these two…
Steve Sether