mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
468 lines
18 KiB
JSON
468 lines
18 KiB
JSON
{
|
|
"CVE_data_meta" : {
|
|
"ASSIGNER" : "cve@mitre.org",
|
|
"ID" : "CVE-2015-0235",
|
|
"STATE" : "PUBLIC"
|
|
},
|
|
"affects" : {
|
|
"vendor" : {
|
|
"vendor_data" : [
|
|
{
|
|
"product" : {
|
|
"product_data" : [
|
|
{
|
|
"product_name" : "n/a",
|
|
"version" : {
|
|
"version_data" : [
|
|
{
|
|
"version_value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format" : "MITRE",
|
|
"data_type" : "CVE",
|
|
"data_version" : "4.0",
|
|
"description" : {
|
|
"description_data" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka \"GHOST.\""
|
|
}
|
|
]
|
|
},
|
|
"problemtype" : {
|
|
"problemtype_data" : [
|
|
{
|
|
"description" : [
|
|
{
|
|
"lang" : "eng",
|
|
"value" : "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references" : {
|
|
"reference_data" : [
|
|
{
|
|
"name" : "20150127 GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)",
|
|
"refsource" : "BUGTRAQ",
|
|
"url" : "http://seclists.org/oss-sec/2015/q1/269"
|
|
},
|
|
{
|
|
"name" : "20150127 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow",
|
|
"refsource" : "BUGTRAQ",
|
|
"url" : "http://seclists.org/oss-sec/2015/q1/274"
|
|
},
|
|
{
|
|
"name" : "20150311 OpenSSL v1.0.2 for Linux affected by CVE-2015-0235",
|
|
"refsource" : "BUGTRAQ",
|
|
"url" : "http://www.securityfocus.com/archive/1/534845/100/0/threaded"
|
|
},
|
|
{
|
|
"name" : "20150128 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow",
|
|
"refsource" : "FULLDISC",
|
|
"url" : "http://seclists.org/fulldisclosure/2015/Jan/111"
|
|
},
|
|
{
|
|
"name" : "https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability",
|
|
"refsource" : "MISC",
|
|
"url" : "https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability"
|
|
},
|
|
{
|
|
"name" : "http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html",
|
|
"refsource" : "MISC",
|
|
"url" : "http://packetstormsecurity.com/files/130171/Exim-ESMTP-GHOST-Denial-Of-Service.html"
|
|
},
|
|
{
|
|
"name" : "http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html",
|
|
"refsource" : "MISC",
|
|
"url" : "http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html"
|
|
},
|
|
{
|
|
"name" : "http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html",
|
|
"refsource" : "MISC",
|
|
"url" : "http://packetstormsecurity.com/files/130974/Exim-GHOST-glibc-gethostbyname-Buffer-Overflow.html"
|
|
},
|
|
{
|
|
"name" : "https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt",
|
|
"refsource" : "MISC",
|
|
"url" : "https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt"
|
|
},
|
|
{
|
|
"name" : "http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://blogs.sophos.com/2015/01/29/sophos-products-and-the-ghost-vulnerability-affecting-linux/"
|
|
},
|
|
{
|
|
"name" : "http://linux.oracle.com/errata/ELSA-2015-0090.html",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://linux.oracle.com/errata/ELSA-2015-0090.html"
|
|
},
|
|
{
|
|
"name" : "http://linux.oracle.com/errata/ELSA-2015-0092.html",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://linux.oracle.com/errata/ELSA-2015-0092.html"
|
|
},
|
|
{
|
|
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21695835",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21695835"
|
|
},
|
|
{
|
|
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21695860",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21695860"
|
|
},
|
|
{
|
|
"name" : "https://bto.bluecoat.com/security-advisory/sa90",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "https://bto.bluecoat.com/security-advisory/sa90"
|
|
},
|
|
{
|
|
"name" : "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10671",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10671"
|
|
},
|
|
{
|
|
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10100",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10100"
|
|
},
|
|
{
|
|
"name" : "https://www.sophos.com/en-us/support/knowledgebase/121879.aspx",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "https://www.sophos.com/en-us/support/knowledgebase/121879.aspx"
|
|
},
|
|
{
|
|
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21696243",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21696243"
|
|
},
|
|
{
|
|
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21696526",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21696526"
|
|
},
|
|
{
|
|
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21696600",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21696600"
|
|
},
|
|
{
|
|
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21696602",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21696602"
|
|
},
|
|
{
|
|
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21696618",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21696618"
|
|
},
|
|
{
|
|
"name" : "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0"
|
|
},
|
|
{
|
|
"name" : "http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf"
|
|
},
|
|
{
|
|
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
|
|
},
|
|
{
|
|
"name" : "http://support.apple.com/kb/HT204942",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://support.apple.com/kb/HT204942"
|
|
},
|
|
{
|
|
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
|
|
},
|
|
{
|
|
"name" : "https://support.apple.com/HT205267",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "https://support.apple.com/HT205267"
|
|
},
|
|
{
|
|
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
|
|
},
|
|
{
|
|
"name" : "https://support.apple.com/HT205375",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "https://support.apple.com/HT205375"
|
|
},
|
|
{
|
|
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
|
|
},
|
|
{
|
|
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
|
|
},
|
|
{
|
|
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
|
|
},
|
|
{
|
|
"name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04874668"
|
|
},
|
|
{
|
|
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21695695",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21695695"
|
|
},
|
|
{
|
|
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21695774",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21695774"
|
|
},
|
|
{
|
|
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21696131",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21696131"
|
|
},
|
|
{
|
|
"name" : "https://www.f-secure.com/en/web/labs_global/fsc-2015-1",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "https://www.f-secure.com/en/web/labs_global/fsc-2015-1"
|
|
},
|
|
{
|
|
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
|
|
},
|
|
{
|
|
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
|
|
},
|
|
{
|
|
"name" : "https://security.netapp.com/advisory/ntap-20150127-0001/",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "https://security.netapp.com/advisory/ntap-20150127-0001/"
|
|
},
|
|
{
|
|
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
|
|
},
|
|
{
|
|
"name" : "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
|
|
"refsource" : "CONFIRM",
|
|
"url" : "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
|
|
},
|
|
{
|
|
"name" : "APPLE-SA-2015-06-30-2",
|
|
"refsource" : "APPLE",
|
|
"url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"
|
|
},
|
|
{
|
|
"name" : "APPLE-SA-2015-09-30-3",
|
|
"refsource" : "APPLE",
|
|
"url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"
|
|
},
|
|
{
|
|
"name" : "APPLE-SA-2015-10-21-4",
|
|
"refsource" : "APPLE",
|
|
"url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html"
|
|
},
|
|
{
|
|
"name" : "20150128 GNU glibc gethostbyname Function Buffer Overflow Vulnerability",
|
|
"refsource" : "CISCO",
|
|
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost"
|
|
},
|
|
{
|
|
"name" : "DSA-3142",
|
|
"refsource" : "DEBIAN",
|
|
"url" : "http://www.debian.org/security/2015/dsa-3142"
|
|
},
|
|
{
|
|
"name" : "GLSA-201503-04",
|
|
"refsource" : "GENTOO",
|
|
"url" : "https://security.gentoo.org/glsa/201503-04"
|
|
},
|
|
{
|
|
"name" : "HPSBHF03289",
|
|
"refsource" : "HP",
|
|
"url" : "http://marc.info/?l=bugtraq&m=142721102728110&w=2"
|
|
},
|
|
{
|
|
"name" : "SSRT101953",
|
|
"refsource" : "HP",
|
|
"url" : "http://marc.info/?l=bugtraq&m=142721102728110&w=2"
|
|
},
|
|
{
|
|
"name" : "HPSBGN03270",
|
|
"refsource" : "HP",
|
|
"url" : "http://marc.info/?l=bugtraq&m=142781412222323&w=2"
|
|
},
|
|
{
|
|
"name" : "SSRT101937",
|
|
"refsource" : "HP",
|
|
"url" : "http://marc.info/?l=bugtraq&m=142781412222323&w=2"
|
|
},
|
|
{
|
|
"name" : "HPSBGN03247",
|
|
"refsource" : "HP",
|
|
"url" : "http://marc.info/?l=bugtraq&m=142296726407499&w=2"
|
|
},
|
|
{
|
|
"name" : "HPSBGN03285",
|
|
"refsource" : "HP",
|
|
"url" : "http://marc.info/?l=bugtraq&m=142722450701342&w=2"
|
|
},
|
|
{
|
|
"name" : "HPSBMU03330",
|
|
"refsource" : "HP",
|
|
"url" : "http://marc.info/?l=bugtraq&m=143145428124857&w=2"
|
|
},
|
|
{
|
|
"name" : "MDVSA-2015:039",
|
|
"refsource" : "MANDRIVA",
|
|
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:039"
|
|
},
|
|
{
|
|
"name" : "RHSA-2015:0126",
|
|
"refsource" : "REDHAT",
|
|
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0126.html"
|
|
},
|
|
{
|
|
"name" : "72325",
|
|
"refsource" : "BID",
|
|
"url" : "http://www.securityfocus.com/bid/72325"
|
|
},
|
|
{
|
|
"name" : "91787",
|
|
"refsource" : "BID",
|
|
"url" : "http://www.securityfocus.com/bid/91787"
|
|
},
|
|
{
|
|
"name" : "1032909",
|
|
"refsource" : "SECTRACK",
|
|
"url" : "http://www.securitytracker.com/id/1032909"
|
|
},
|
|
{
|
|
"name" : "62517",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/62517"
|
|
},
|
|
{
|
|
"name" : "62640",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/62640"
|
|
},
|
|
{
|
|
"name" : "62667",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/62667"
|
|
},
|
|
{
|
|
"name" : "62680",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/62680"
|
|
},
|
|
{
|
|
"name" : "62681",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/62681"
|
|
},
|
|
{
|
|
"name" : "62688",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/62688"
|
|
},
|
|
{
|
|
"name" : "62690",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/62690"
|
|
},
|
|
{
|
|
"name" : "62691",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/62691"
|
|
},
|
|
{
|
|
"name" : "62692",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/62692"
|
|
},
|
|
{
|
|
"name" : "62698",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/62698"
|
|
},
|
|
{
|
|
"name" : "62715",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/62715"
|
|
},
|
|
{
|
|
"name" : "62865",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/62865"
|
|
},
|
|
{
|
|
"name" : "62870",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/62870"
|
|
},
|
|
{
|
|
"name" : "62871",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/62871"
|
|
},
|
|
{
|
|
"name" : "62879",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/62879"
|
|
},
|
|
{
|
|
"name" : "62883",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/62883"
|
|
},
|
|
{
|
|
"name" : "62758",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/62758"
|
|
},
|
|
{
|
|
"name" : "62812",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/62812"
|
|
},
|
|
{
|
|
"name" : "62813",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/62813"
|
|
},
|
|
{
|
|
"name" : "62816",
|
|
"refsource" : "SECUNIA",
|
|
"url" : "http://secunia.com/advisories/62816"
|
|
}
|
|
]
|
|
}
|
|
}
|