CVE-2015-0235
Published at:
-
28-01-2015 08:59
Last modified:
-
05-07-2022 08:42
Total changes:
-
12
Description
Common Vulnerability Scoring System (CVSS)
LowAttack complexity
NetworkAttack vector
HighAvailability
HighConfidentiality
HighIntegrity
-
Privileges required
-
Scope
-
User interaction
10.0
Base score
10.0
10.0
Exploitability score
Impact score
Verification logic
Reference
- 20150127 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow-Exploit, Mailing List, Third Party Advisory
- 20150127 GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)-Mailing List, Third Party Advisory
- https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability
- 62691-Not Applicable
- http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/
- http://linux.oracle.com/errata/ELSA-2015-0090.html
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10671
- http://www-01.ibm.com/support/docview.wss?uid=swg21695835
- https://kc.mcafee.com/corporate/index?page=content&id=SB10100
- 62698-Not Applicable
- http://linux.oracle.com/errata/ELSA-2015-0092.html
- 62692-Not Applicable
- https://bto.bluecoat.com/security-advisory/sa90
- 62690-Not Applicable
- http://www-01.ibm.com/support/docview.wss?uid=swg21695860
- 62715-Not Applicable
- 20150128 GNU glibc gethostbyname Function Buffer Overflow Vulnerability-Third Party Advisory
- 62688-Not Applicable
- 62681-Not Applicable
- 62667-Not Applicable
- https://www.sophos.com/en-us/support/knowledgebase/121879.aspx
- http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html
- 62517-Not Applicable
- 62640-Not Applicable
- 62680-Not Applicable
- 20150128 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow-Mailing List, Third Party Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21696600
- 62883-Not Applicable
- 62870-Not Applicable
- 62871-Not Applicable
- http://www-01.ibm.com/support/docview.wss?uid=swg21696526
- 62879-Not Applicable
- http://www-01.ibm.com/support/docview.wss?uid=swg21696602
- 62865-Not Applicable
- http://www-01.ibm.com/support/docview.wss?uid=swg21696618
- http://www-01.ibm.com/support/docview.wss?uid=swg21696243
- DSA-3142-Third Party Advisory
- RHSA-2015:0126-Third Party Advisory
- http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html
- 72325-Third Party Advisory, VDB Entry
- MDVSA-2015:039-Third Party Advisory
- HPSBHF03289-Issue Tracking, Mailing List, Third Party Advisory
- http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0
- https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt
- http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf
- http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html
- HPSBGN03270-Issue Tracking, Mailing List, Third Party Advisory
- http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
- APPLE-SA-2015-06-30-2-Mailing List, Third Party Advisory
- http://support.apple.com/kb/HT204942
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- https://support.apple.com/HT205267
- APPLE-SA-2015-09-30-3-Mailing List, Third Party Advisory
- https://support.apple.com/HT205375
- APPLE-SA-2015-10-21-4-Mailing List, Third Party Advisory
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
- 91787-Third Party Advisory, VDB Entry
- HPSBGN03285-Issue Tracking, Mailing List, Third Party Advisory
- HPSBGN03247-Issue Tracking, Mailing List, Third Party Advisory
- HPSBMU03330-Issue Tracking, Mailing List, Third Party Advisory
- http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
- https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668
- https://www.f-secure.com/en/web/labs_global/fsc-2015-1
- http://www-01.ibm.com/support/docview.wss?uid=swg21696131
- http://www-01.ibm.com/support/docview.wss?uid=swg21695774
- http://www-01.ibm.com/support/docview.wss?uid=swg21695695
- 62816-Not Applicable
- 62813-Not Applicable
- 62812-Not Applicable
- 62758-Not Applicable
- GLSA-201503-04-Third Party Advisory
- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
- 1032909-Third Party Advisory, VDB Entry
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- https://security.netapp.com/advisory/ntap-20150127-0001/
- 20150311 OpenSSL v1.0.2 for Linux affected by CVE-2015-0235-Exploit, Third Party Advisory, VDB Entry
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
- 20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series-Exploit, Mailing List, Third Party Advisory
- 20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series-Exploit, Mailing List, Third Party Advisory
- http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html
- https://cert-portal.siemens.com/productcert/pdf/ssa-994726.pdf
- [oss-security] 20210504 21Nails: Multiple vulnerabilities in Exim-Exploit, Mailing List
- 20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices-Exploit, Mailing List, Third Party Advisory
- http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html
- https://www.arista.com/en/support/advisories-notices/security-advisories/1053-security-advisory-9
- 20220617 SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series-Exploit, Mailing List, Third Party Advisory
- http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html
Keywords