Your submission was sent successfully! Close

CVE-2015-0235

Published: 27 January 2015

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

Priority

High

Status

Package Release Status
eglibc
Launchpad, Ubuntu, Debian
lucid
Released (2.11.1-0ubuntu7.20)
precise
Released (2.15-0ubuntu10.10)
trusty Not vulnerable
(2.19-0ubuntu6)
upstream Not vulnerable
(2.18)
utopic Does not exist

glibc
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

trusty Does not exist

upstream Not vulnerable
(2.18)
utopic Not vulnerable
(2.19-10ubuntu2)