CVE-2015-0235

Published: 27 January 2015

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

Priority

High

Status

Package Release Status
eglibc
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(2.18)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(2.19-0ubuntu6)
glibc
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(2.18)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist