oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)

From: Qualys Security Advisory <qsa () qualys com>
Date: Tue, 27 Jan 2015 16:00:36 -0800
On Tue, Jan 27, 2015 at 02:03:10PM -0800, endrazine wrote:

There is an obvious stack overflow in Qualys' GHOST.c poc : the name buffer
is 10 bytes long and 900+ bytes of data are copied to it. This is


???

-- 
QSA
Previous By Date Next
Previous By Thread Next

Current thread: