The guys at Qualys discovered a very interesting buffer overflow in the __nss_hostname_digits_dots() function of glibc. The main problem is that you can take advantage of this remotely via the gethostbyname*() functions, which are used in many applications. They dubbed this “GHOST” (due to the GetHOST… name). The CVE assigned to this is: CVE-2015-0235.
Currently, all distributions of Linux are vulnerable.
This was apparently fixed between glibc-2.17 and glibc-2.18, but it was ignored in the long term “stable” releases.
Here is some code to check if you are vulnerable:
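One way to run such a check, as an added example that is not the code from the original post: it calls gethostbyname_r() with an all-digit name sized so that an unpatched __nss_hostname_digits_dots() writes a few bytes past the caller's buffer into a canary. The canary value, the function names and the assumed buffer layout (16-byte address, two pointers, name plus terminator) are assumptions of this example.

```c
#define _GNU_SOURCE            /* exposes gethostbyname_r() in <netdb.h> */
#include <errno.h>
#include <netdb.h>
#include <stdio.h>
#include <string.h>

#define CANARY "constructed-canary"   /* constructed marker value */

enum ghost_result { GHOST_INCONCLUSIVE = -1, GHOST_NOT_VULNERABLE = 0, GHOST_VULNERABLE = 1 };

/* The canary sits directly behind the scratch buffer handed to glibc. */
static struct {
    char buffer[1024];
    char canary[sizeof(CANARY)];
} area;

/* Assumed layout inside the scratch buffer: a 16-byte address, two pointers,
   then the host name and its NUL terminator. */
static size_t ghost_name_len(size_t buflen)
{
    return buflen - 16 - 2 * sizeof(char *) - 1;
}

enum ghost_result ghost_check(void)
{
    struct hostent resbuf, *result = NULL;
    char name[sizeof(area.buffer)];
    int herr = 0;
    size_t len = ghost_name_len(sizeof(area.buffer));

    memset(&area, 0, sizeof(area));
    memcpy(area.canary, CANARY, sizeof(CANARY));
    memset(name, '0', len);     /* all digits: takes the digits/dots path */
    name[len] = '\0';

    int rc = gethostbyname_r(name, &resbuf, area.buffer, sizeof(area.buffer), &result, &herr);

    if (memcmp(area.canary, CANARY, sizeof(CANARY)) != 0)
        return GHOST_VULNERABLE;      /* glibc wrote past the buffer */
    return rc == ERANGE ? GHOST_NOT_VULNERABLE : GHOST_INCONCLUSIVE;
}

int main(void)
{
    static const char *msg[] = { "inconclusive", "not vulnerable", "vulnerable" };
    puts(msg[ghost_check() + 1]);
    return 0;
}
```

Because distributions backport fixes, a behavioural check like this is more reliable than comparing the installed glibc version number against 2.18.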