Welcome! Log In Create A New Profile

Advanced

CVE-2015-0235 - GHOST

Vladimir Getmanshchuk
January 28, 2015 03:40AM
JFYI

Here is a list of potential targets that we investigated (they all call

*gethostbyname*, one way or another), but to the best of our knowledge,

the buffer overflow cannot be triggered in any of them:


apache, cups, dovecot, gnupg, isc-dhcp, lighttpd, mariadb/mysql,

nfs-utils, *nginx*, nodejs, openldap, openssh, postfix, proftpd,

pure-ftpd, rsyslog, samba, sendmail, sysklogd, syslog-ng, tcp_wrappers,

vsftpd, xinetd.




http://seclists.org/oss-sec/2015/q1/283


--
Yours sincerely,
Vladimir Getmanshchuk
_______________________________________________
nginx-ru mailing list
nginx-ru@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-ru
Subject Author Posted

CVE-2015-0235 - GHOST

Vladimir Getmanshchuk January 28, 2015 03:40AM

Re: CVE-2015-0235 - GHOST

mva January 29, 2015 03:34PM

Re: CVE-2015-0235 - GHOST

Igor Sysoev January 29, 2015 03:52PM

Re: CVE-2015-0235 - GHOST

mva January 29, 2015 04:02PM

Re: CVE-2015-0235 - GHOST

Igor Sysoev January 29, 2015 04:12PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 72
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready