Action not permitted
Modal body text goes here.
Modal Title
Modal Body
ghsa-jwcp-p679-fcr4
Vulnerability from github
Published
2022-05-13 01:05
Modified
2022-05-13 01:05
Details
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
{ affected: [], aliases: [ "CVE-2015-0235", ], database_specific: { cwe_ids: [ "CWE-787", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2015-01-28T19:59:00Z", severity: "HIGH", }, details: "Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka \"GHOST.\"", id: "GHSA-jwcp-p679-fcr4", modified: "2022-05-13T01:05:13Z", published: "2022-05-13T01:05:13Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-0235", }, { type: "WEB", url: "https://www.sophos.com/en-us/support/knowledgebase/121879.aspx", }, { type: "WEB", url: "https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt", }, { type: "WEB", url: "https://www.f-secure.com/en/web/labs_global/fsc-2015-1", }, { type: "WEB", url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9", }, { type: "WEB", url: "https://support.apple.com/HT205375", }, { type: "WEB", url: "https://support.apple.com/HT205267", }, { type: "WEB", url: "https://security.netapp.com/advisory/ntap-20150127-0001", }, { type: "WEB", url: "https://security.gentoo.org/glsa/201503-04", }, { type: "WEB", url: "https://seclists.org/bugtraq/2019/Jun/14", }, { type: "WEB", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10100", }, { type: "WEB", url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10671", }, { type: "WEB", url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { type: "WEB", url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668", }, { type: "WEB", url: "https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability", }, { type: "WEB", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf", }, { type: "WEB", url: "https://bto.bluecoat.com/security-advisory/sa90", }, { type: "WEB", url: "http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux", }, { type: "WEB", url: "http://linux.oracle.com/errata/ELSA-2015-0090.html", }, { type: "WEB", url: "http://linux.oracle.com/errata/ELSA-2015-0092.html", }, { type: "WEB", url: "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html", }, { type: "WEB", url: "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html", }, { type: "WEB", url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=142296726407499&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=142721102728110&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=142722450701342&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=142781412222323&w=2", }, { type: "WEB", url: "http://marc.info/?l=bugtraq&m=143145428124857&w=2", }, { type: "WEB", url: "http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html", }, { type: "WEB", url: "http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html", }, { type: "WEB", url: "http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html", }, { type: "WEB", url: "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", }, { type: "WEB", url: "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html", }, { type: "WEB", url: "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html", }, { type: "WEB", url: "http://rhn.redhat.com/errata/RHSA-2015-0126.html", }, { type: "WEB", url: "http://seclists.org/fulldisclosure/2015/Jan/111", }, { type: "WEB", url: "http://seclists.org/fulldisclosure/2019/Jun/18", }, { type: "WEB", url: "http://seclists.org/fulldisclosure/2021/Sep/0", }, { type: "WEB", url: "http://seclists.org/fulldisclosure/2022/Jun/36", }, { type: "WEB", url: "http://seclists.org/oss-sec/2015/q1/269", }, { type: "WEB", url: "http://seclists.org/oss-sec/2015/q1/274", }, { type: "WEB", url: "http://secunia.com/advisories/62517", }, { type: "WEB", url: "http://secunia.com/advisories/62640", }, { type: "WEB", url: "http://secunia.com/advisories/62667", }, { type: "WEB", url: "http://secunia.com/advisories/62680", }, { type: "WEB", url: "http://secunia.com/advisories/62681", }, { type: "WEB", url: "http://secunia.com/advisories/62688", }, { type: "WEB", url: "http://secunia.com/advisories/62690", }, { type: "WEB", url: "http://secunia.com/advisories/62691", }, { type: "WEB", url: "http://secunia.com/advisories/62692", }, { type: "WEB", url: "http://secunia.com/advisories/62698", }, { type: "WEB", url: "http://secunia.com/advisories/62715", }, { type: "WEB", url: "http://secunia.com/advisories/62758", }, { type: "WEB", url: "http://secunia.com/advisories/62812", }, { type: "WEB", url: "http://secunia.com/advisories/62813", }, { type: "WEB", url: "http://secunia.com/advisories/62816", }, { type: "WEB", url: "http://secunia.com/advisories/62865", }, { type: "WEB", url: "http://secunia.com/advisories/62870", }, { type: "WEB", url: "http://secunia.com/advisories/62871", }, { type: "WEB", url: "http://secunia.com/advisories/62879", }, { type: "WEB", url: "http://secunia.com/advisories/62883", }, { type: "WEB", url: "http://support.apple.com/kb/HT204942", }, { type: "WEB", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21695695", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21695774", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21695835", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21695860", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696131", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696243", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696526", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696600", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696602", }, { type: "WEB", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696618", }, { type: "WEB", url: "http://www.debian.org/security/2015/dsa-3142", }, { type: "WEB", url: "http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf", }, { type: "WEB", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:039", }, { type: "WEB", url: "http://www.openwall.com/lists/oss-security/2021/05/04/7", }, { type: "WEB", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { type: "WEB", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { type: "WEB", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { type: "WEB", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { type: "WEB", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", }, { type: "WEB", url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { type: "WEB", url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { type: "WEB", url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { type: "WEB", url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", }, { type: "WEB", url: "http://www.securityfocus.com/archive/1/534845/100/0/threaded", }, { type: "WEB", url: "http://www.securityfocus.com/bid/72325", }, { type: "WEB", url: "http://www.securityfocus.com/bid/91787", }, { type: "WEB", url: "http://www.securitytracker.com/id/1032909", }, { type: "WEB", url: "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", }, ], schema_version: "1.4.0", severity: [], }
cve-2015-0235
Vulnerability from cvelistv5
Published
2015-01-28 19:00
Modified
2024-08-06 04:03
Severity ?
Summary
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:03:10.392Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "72325", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/72325", }, { name: "HPSBGN03247", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142296726407499&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696131", }, { name: "62883", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62883", }, { name: "62691", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62691", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { name: "APPLE-SA-2015-10-21-4", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT205375", }, { name: "HPSBGN03285", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142722450701342&w=2", }, { name: "20150127 GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://seclists.org/oss-sec/2015/q1/269", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", }, { name: "62698", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62698", }, { name: "62640", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62640", }, { name: "1032909", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032909", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bto.bluecoat.com/security-advisory/sa90", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696618", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696600", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf", }, { name: "APPLE-SA-2015-09-30-3", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.sophos.com/en-us/support/knowledgebase/121879.aspx", }, { name: "62688", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62688", }, { name: "62865", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62865", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696243", }, { name: "HPSBHF03289", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142721102728110&w=2", }, { name: "APPLE-SA-2015-06-30-2", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10100", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { name: "62812", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62812", }, { name: "62879", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62879", }, { name: "HPSBGN03270", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142781412222323&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://linux.oracle.com/errata/ELSA-2015-0090.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { name: "62871", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62871", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "62690", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62690", }, { name: "62692", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62692", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/HT205267", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { name: "62681", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62681", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10671", }, { name: "SSRT101937", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142781412222323&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696526", }, { name: "SSRT101953", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=142721102728110&w=2", }, { name: "62667", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62667", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668", }, { name: "MDVSA-2015:039", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:039", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.f-secure.com/en/web/labs_global/fsc-2015-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696602", }, { name: "62517", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62517", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.apple.com/kb/HT204942", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21695695", }, { name: "62680", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62680", }, { name: "62813", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62813", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html", }, { name: "GLSA-201503-04", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201503-04", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", }, { name: "20150128 GNU glibc gethostbyname Function Buffer Overflow Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost", }, { name: "91787", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/91787", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html", }, { name: "RHSA-2015:0126", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0126.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { name: "20150311 OpenSSL v1.0.2 for Linux affected by CVE-2015-0235", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/534845/100/0/threaded", }, { name: "62715", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62715", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21695835", }, { name: "20150127 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://seclists.org/oss-sec/2015/q1/274", }, { name: "HPSBMU03330", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=143145428124857&w=2", }, { name: "20150128 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2015/Jan/111", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21695774", }, { name: "62870", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62870", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20150127-0001/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://linux.oracle.com/errata/ELSA-2015-0092.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21695860", }, { name: "DSA-3142", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3142", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability", }, { name: "62816", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62816", }, { name: "62758", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62758", }, { name: "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/Jun/18", }, { name: "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Jun/14", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf", }, { name: "[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/05/04/7", }, { name: "20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2021/Sep/0", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9", }, { name: "20220617 SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/Jun/36", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-01-27T00:00:00", descriptions: [ { lang: "en", value: "Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka \"GHOST.\"", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-06-20T18:06:40", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "72325", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/72325", }, { name: "HPSBGN03247", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142296726407499&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696131", }, { name: "62883", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62883", }, { name: "62691", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62691", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { name: "APPLE-SA-2015-10-21-4", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT205375", }, { name: "HPSBGN03285", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142722450701342&w=2", }, { name: "20150127 GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://seclists.org/oss-sec/2015/q1/269", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", }, { name: "62698", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62698", }, { name: "62640", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62640", }, { name: "1032909", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032909", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bto.bluecoat.com/security-advisory/sa90", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696618", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696600", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf", }, { name: "APPLE-SA-2015-09-30-3", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.sophos.com/en-us/support/knowledgebase/121879.aspx", }, { name: "62688", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62688", }, { name: "62865", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62865", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696243", }, { name: "HPSBHF03289", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142721102728110&w=2", }, { name: "APPLE-SA-2015-06-30-2", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10100", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { name: "62812", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62812", }, { name: "62879", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62879", }, { name: "HPSBGN03270", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142781412222323&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://linux.oracle.com/errata/ELSA-2015-0090.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { name: "62871", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62871", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "62690", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62690", }, { name: "62692", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62692", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/HT205267", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { name: "62681", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62681", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10671", }, { name: "SSRT101937", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142781412222323&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696526", }, { name: "SSRT101953", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=142721102728110&w=2", }, { name: "62667", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62667", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668", }, { name: "MDVSA-2015:039", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:039", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.f-secure.com/en/web/labs_global/fsc-2015-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696602", }, { name: "62517", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62517", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.apple.com/kb/HT204942", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21695695", }, { name: "62680", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62680", }, { name: "62813", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62813", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html", }, { name: "GLSA-201503-04", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201503-04", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", }, { name: "20150128 GNU glibc gethostbyname Function Buffer Overflow Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost", }, { name: "91787", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/91787", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html", }, { name: "RHSA-2015:0126", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-0126.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { name: "20150311 OpenSSL v1.0.2 for Linux affected by CVE-2015-0235", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/534845/100/0/threaded", }, { name: "62715", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62715", }, { tags: [ "x_refsource_MISC", ], url: "https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21695835", }, { name: "20150127 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://seclists.org/oss-sec/2015/q1/274", }, { name: "HPSBMU03330", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=143145428124857&w=2", }, { name: "20150128 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2015/Jan/111", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21695774", }, { name: "62870", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62870", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20150127-0001/", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://linux.oracle.com/errata/ELSA-2015-0092.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www-01.ibm.com/support/docview.wss?uid=swg21695860", }, { name: "DSA-3142", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3142", }, { tags: [ "x_refsource_MISC", ], url: "https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability", }, { name: "62816", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62816", }, { name: "62758", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62758", }, { name: "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2019/Jun/18", }, { name: "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Jun/14", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf", }, { name: "[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2021/05/04/7", }, { name: "20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2021/Sep/0", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9", }, { name: "20220617 SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2022/Jun/36", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2015-0235", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka \"GHOST.\"", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "72325", refsource: "BID", url: "http://www.securityfocus.com/bid/72325", }, { name: "HPSBGN03247", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142296726407499&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21696131", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696131", }, { name: "62883", refsource: "SECUNIA", url: "http://secunia.com/advisories/62883", }, { name: "62691", refsource: "SECUNIA", url: "http://secunia.com/advisories/62691", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", }, { name: "APPLE-SA-2015-10-21-4", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html", }, { name: "http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html", }, { name: "https://support.apple.com/HT205375", refsource: "CONFIRM", url: "https://support.apple.com/HT205375", }, { name: "HPSBGN03285", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142722450701342&w=2", }, { name: "20150127 GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)", refsource: "BUGTRAQ", url: "http://seclists.org/oss-sec/2015/q1/269", }, { name: "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", refsource: "CONFIRM", url: "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0", }, { name: "62698", refsource: "SECUNIA", url: "http://secunia.com/advisories/62698", }, { name: "62640", refsource: "SECUNIA", url: "http://secunia.com/advisories/62640", }, { name: "1032909", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1032909", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", }, { name: "https://bto.bluecoat.com/security-advisory/sa90", refsource: "CONFIRM", url: "https://bto.bluecoat.com/security-advisory/sa90", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21696618", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696618", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21696600", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696600", }, { name: "http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf", refsource: "CONFIRM", url: "http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf", }, { name: "APPLE-SA-2015-09-30-3", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html", }, { name: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", }, { name: "https://www.sophos.com/en-us/support/knowledgebase/121879.aspx", refsource: "CONFIRM", url: "https://www.sophos.com/en-us/support/knowledgebase/121879.aspx", }, { name: "62688", refsource: "SECUNIA", url: "http://secunia.com/advisories/62688", }, { name: "62865", refsource: "SECUNIA", url: "http://secunia.com/advisories/62865", }, { name: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21696243", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696243", }, { name: "HPSBHF03289", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142721102728110&w=2", }, { name: "APPLE-SA-2015-06-30-2", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10100", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10100", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", }, { name: "62812", refsource: "SECUNIA", url: "http://secunia.com/advisories/62812", }, { name: "62879", refsource: "SECUNIA", url: "http://secunia.com/advisories/62879", }, { name: "HPSBGN03270", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142781412222323&w=2", }, { name: "http://linux.oracle.com/errata/ELSA-2015-0090.html", refsource: "CONFIRM", url: "http://linux.oracle.com/errata/ELSA-2015-0090.html", }, { name: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", }, { name: "62871", refsource: "SECUNIA", url: "http://secunia.com/advisories/62871", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", }, { name: "62690", refsource: "SECUNIA", url: "http://secunia.com/advisories/62690", }, { name: "62692", refsource: "SECUNIA", url: "http://secunia.com/advisories/62692", }, { name: "https://support.apple.com/HT205267", refsource: "CONFIRM", url: "https://support.apple.com/HT205267", }, { name: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", refsource: "CONFIRM", url: "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", }, { name: "62681", refsource: "SECUNIA", url: "http://secunia.com/advisories/62681", }, { name: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10671", refsource: "CONFIRM", url: "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10671", }, { name: "SSRT101937", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142781412222323&w=2", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21696526", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696526", }, { name: "SSRT101953", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=142721102728110&w=2", }, { name: "62667", refsource: "SECUNIA", url: "http://secunia.com/advisories/62667", }, { name: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668", refsource: "CONFIRM", url: "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668", }, { name: "MDVSA-2015:039", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:039", }, { name: "https://www.f-secure.com/en/web/labs_global/fsc-2015-1", refsource: "CONFIRM", url: "https://www.f-secure.com/en/web/labs_global/fsc-2015-1", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21696602", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21696602", }, { name: "62517", refsource: "SECUNIA", url: "http://secunia.com/advisories/62517", }, { name: "http://support.apple.com/kb/HT204942", refsource: "CONFIRM", url: "http://support.apple.com/kb/HT204942", }, { name: "http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/", refsource: "CONFIRM", url: "http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21695695", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21695695", }, { name: "62680", refsource: "SECUNIA", url: "http://secunia.com/advisories/62680", }, { name: "62813", refsource: "SECUNIA", url: "http://secunia.com/advisories/62813", }, { name: "http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html", }, { name: "GLSA-201503-04", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201503-04", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", }, { name: "20150128 GNU glibc gethostbyname Function Buffer Overflow Vulnerability", refsource: "CISCO", url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost", }, { name: "91787", refsource: "BID", url: "http://www.securityfocus.com/bid/91787", }, { name: "http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html", }, { name: "RHSA-2015:0126", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2015-0126.html", }, { name: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", }, { name: "20150311 OpenSSL v1.0.2 for Linux affected by CVE-2015-0235", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/534845/100/0/threaded", }, { name: "62715", refsource: "SECUNIA", url: "http://secunia.com/advisories/62715", }, { name: "https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt", refsource: "MISC", url: "https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21695835", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21695835", }, { name: "20150127 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow", refsource: "BUGTRAQ", url: "http://seclists.org/oss-sec/2015/q1/274", }, { name: "HPSBMU03330", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=143145428124857&w=2", }, { name: "20150128 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2015/Jan/111", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21695774", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21695774", }, { name: "62870", refsource: "SECUNIA", url: "http://secunia.com/advisories/62870", }, { name: "https://security.netapp.com/advisory/ntap-20150127-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20150127-0001/", }, { name: "http://linux.oracle.com/errata/ELSA-2015-0092.html", refsource: "CONFIRM", url: "http://linux.oracle.com/errata/ELSA-2015-0092.html", }, { name: "http://www-01.ibm.com/support/docview.wss?uid=swg21695860", refsource: "CONFIRM", url: "http://www-01.ibm.com/support/docview.wss?uid=swg21695860", }, { name: "DSA-3142", refsource: "DEBIAN", url: "http://www.debian.org/security/2015/dsa-3142", }, { name: "https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability", refsource: "MISC", url: "https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability", }, { name: "62816", refsource: "SECUNIA", url: "http://secunia.com/advisories/62816", }, { name: "62758", refsource: "SECUNIA", url: "http://secunia.com/advisories/62758", }, { name: "20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2019/Jun/18", }, { name: "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Jun/14", }, { name: "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf", }, { name: "[oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2021/05/04/7", }, { name: "20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2021/Sep/0", }, { name: "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html", }, { name: "https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9", refsource: "MISC", url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9", }, { name: "20220617 SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2022/Jun/36", }, { name: "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-0235", datePublished: "2015-01-28T19:00:00", dateReserved: "2014-11-18T00:00:00", dateUpdated: "2024-08-06T04:03:10.392Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.