GHOST: Heap-based Buffer Overflow in glibc's __nss_hostname_digits_dots Function

GHOST: Heap-based Buffer Overflow in glibc's __nss_hostname_digits_dots Function

CVE-2015-0235 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

Learn more about our Web Application Penetration Testing UK.