FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-23 17:01:17 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
0765de84-a6c1-11e4-a0c1-c485083ca99cglibc -- gethostbyname buffer overflow

Robert Krátký reports:

GHOST is a 'buffer overflow' bug affecting the gethostbyname() and gethostbyname2() function calls in the glibc library. This vulnerability allows a remote attacker that is able to make an application call to either of these functions to execute arbitrary code with the permissions of the user running the application. The gethostbyname() function calls are used for DNS resolving, which is a very common event. To exploit this vulnerability, an attacker must trigger a buffer overflow by supplying an invalid hostname argument to an application that performs a DNS resolution.


Discovery 2015-01-27
Entry 2015-01-28
Modified 2015-02-02
linux_base-c6
< 6.6_2

linux_base-f10
>= 0

linux-c6-devtools
< 6.6_3

linux-f10-devtools
>= 0

CVE-2015-0235
https://access.redhat.com/articles/1332213
http://www.openwall.com/lists/oss-security/2015/01/27/9