Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.842077
Category:Ubuntu Local Security Checks
Title:Ubuntu Update for eglibc USN-2485-1
Summary:The remote host is missing an update for the 'eglibc'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'eglibc'
package(s) announced via the referenced advisory.

Vulnerability Insight:
It was discovered that a buffer overflow
existed in the gethostbyname and gethostbyname2 functions in the GNU C Library.
An attacker could use this issue to execute arbitrary code or cause an application
crash, resulting in a denial of service.

Affected Software/OS:
eglibc on Ubuntu 12.04 LTS,
Ubuntu 10.04 LTS

Solution:
Please Install the Updated Packages.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-0235
http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html
http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html
BugTraq ID: 72325
http://www.securityfocus.com/bid/72325
BugTraq ID: 91787
http://www.securityfocus.com/bid/91787
Bugtraq: 20150127 GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235) (Google Search)
http://seclists.org/oss-sec/2015/q1/269
Bugtraq: 20150127 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow (Google Search)
http://seclists.org/oss-sec/2015/q1/274
Bugtraq: 20150311 OpenSSL v1.0.2 for Linux affected by CVE-2015-0235 (Google Search)
http://www.securityfocus.com/archive/1/534845/100/0/threaded
Bugtraq: 20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series (Google Search)
https://seclists.org/bugtraq/2019/Jun/14
Cisco Security Advisory: 20150128 GNU glibc gethostbyname Function Buffer Overflow Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost
Debian Security Information: DSA-3142 (Google Search)
http://www.debian.org/security/2015/dsa-3142
http://seclists.org/fulldisclosure/2015/Jan/111
http://seclists.org/fulldisclosure/2019/Jun/18
http://seclists.org/fulldisclosure/2021/Sep/0
https://security.gentoo.org/glsa/201503-04
HPdes Security Advisory: HPSBGN03247
http://marc.info/?l=bugtraq&m=142296726407499&w=2
HPdes Security Advisory: HPSBGN03270
http://marc.info/?l=bugtraq&m=142781412222323&w=2
HPdes Security Advisory: HPSBGN03285
http://marc.info/?l=bugtraq&m=142722450701342&w=2
HPdes Security Advisory: HPSBHF03289
http://marc.info/?l=bugtraq&m=142721102728110&w=2
HPdes Security Advisory: HPSBMU03330
http://marc.info/?l=bugtraq&m=143145428124857&w=2
HPdes Security Advisory: SSRT101937
HPdes Security Advisory: SSRT101953
http://www.mandriva.com/security/advisories?name=MDVSA-2015:039
http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html
http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html
http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html
http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html
http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html
https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability
https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt
http://www.openwall.com/lists/oss-security/2021/05/04/7
RedHat Security Advisories: RHSA-2015:0126
http://rhn.redhat.com/errata/RHSA-2015-0126.html
http://www.securitytracker.com/id/1032909
http://secunia.com/advisories/62517
http://secunia.com/advisories/62640
http://secunia.com/advisories/62667
http://secunia.com/advisories/62680
http://secunia.com/advisories/62681
http://secunia.com/advisories/62688
http://secunia.com/advisories/62690
http://secunia.com/advisories/62691
http://secunia.com/advisories/62692
http://secunia.com/advisories/62698
http://secunia.com/advisories/62715
http://secunia.com/advisories/62758
http://secunia.com/advisories/62812
http://secunia.com/advisories/62813
http://secunia.com/advisories/62816
http://secunia.com/advisories/62865
http://secunia.com/advisories/62870
http://secunia.com/advisories/62871
http://secunia.com/advisories/62879
http://secunia.com/advisories/62883
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.