CVE-2015-0235
EPSS 84.9%eglibc - security update
Published: 1/28/2015Modified: 4/28/2026
Also known as:DEBIAN-CVE-2015-0235
Description
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
Affected packages (2)
- Debian/eglibcfrom 0, < 2.11.3-4+deb6u4
- Debian/glibcfrom 0, < 2.18-1