Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2015-0235

Description

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

POC

Reference

- http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/

- http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html

- http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html

- http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html

- http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html

- http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html

- http://packetstormsecurity.com/files/167552/Nexans-FTTO-GigaSwitch-Outdated-Components-Hardcoded-Backdoor.html

- http://seclists.org/fulldisclosure/2015/Jan/111

- http://seclists.org/fulldisclosure/2019/Jun/18

- http://seclists.org/fulldisclosure/2021/Sep/0

- http://seclists.org/fulldisclosure/2022/Jun/36

- http://seclists.org/oss-sec/2015/q1/274

- http://www.openwall.com/lists/oss-security/2021/05/04/7

- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

- http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

- http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html

- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

- http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

- http://www.securityfocus.com/bid/91787

- https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability

- https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes

- https://kc.mcafee.com/corporate/index?page=content&id=SB10100

- https://seclists.org/bugtraq/2019/Jun/14

- https://security.netapp.com/advisory/ntap-20150127-0001/

- https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt

Github

- https://github.com/1N3/1N3

- https://github.com/1N3/Exploits

- https://github.com/1and1-serversupport/ghosttester

- https://github.com/ARPSyndicate/cve-scores

- https://github.com/ARPSyndicate/cvemon

- https://github.com/F88/ghostbusters15

- https://github.com/Ghebriou/platform_pfe

- https://github.com/JJediny/peekr-api

- https://github.com/RedHatProductSecurity/rhsecapi

- https://github.com/Sp1tF1r3/ghost-test

- https://github.com/aaronfay/CVE-2015-0235-test

- https://github.com/adherzog/ansible-CVE-2015-0235-GHOST

- https://github.com/alanmeyer/CVE-glibc

- https://github.com/arm13/ghost_exploit

- https://github.com/arthepsy/cve-tests

- https://github.com/auditt7708/rhsecapi

- https://github.com/badigervijay/AI-Based-Threat-Intelligence-Platform

- https://github.com/cfengine-content/registry

- https://github.com/chayim/GHOSTCHECK-cve-2015-0235

- https://github.com/devopsguys/dataloop-checks

- https://github.com/dineshkumarc987/Exploits

- https://github.com/favoretti/lenny-libc6

- https://github.com/fser/ghost-checker

- https://github.com/furyutei/CVE-2015-0235_GHOST

- https://github.com/koudaiii-archives/cookbook-update-glibc

- https://github.com/leoambrus/CheckersNomisec

- https://github.com/limkokholefork/GHOSTCHECK-cve-2015-0235

- https://github.com/lnick2023/nicenice

- https://github.com/makelinux/CVE-2015-0235-workaround

- https://github.com/mholzinger/CVE-2015-0235_GHOST

- https://github.com/mikesplain/CVE-2015-0235-cookbook

- https://github.com/mudongliang/LinuxFlaw

- https://github.com/n0-traces/cve_monitor

- https://github.com/nickanderson/cfengine-CVE_2015_0235

- https://github.com/oneoy/cve-

- https://github.com/pebreo/ansible-simple-example

- https://github.com/piyokango/ghost

- https://github.com/qazbnm456/awesome-cve-poc

- https://github.com/r3p3r/1N3-Exploits

- https://github.com/sUbc0ol/CVE-2015-0235

- https://github.com/securguy/Pentest

- https://github.com/security-enjoyer/Pentest

- https://github.com/sjourdan/clair-lab

- https://github.com/stokes84/CentOS7-Intial-Setup

- https://github.com/tobyzxj/CVE-2015-0235

- https://github.com/xbl3/awesome-cve-poc_qazbnm456

- https://github.com/xyongcn/exploit