Re: Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow

[Solar Designer <solar () openwall com>]

On Tue, Jan 27, 2015 at 10:20:20AM -0800, Qualys Security Advisory wrote:
> Here is a list of potential targets that we investigated (they all call
> gethostbyname, one way or another), but to the best of our knowledge,
> the buffer overflow cannot be triggered in any of them:
>
> apache, cups, dovecot, gnupg, isc-dhcp, lighttpd, mariadb/mysql,
> nfs-utils, nginx, nodejs, openldap, openssh, postfix, proftpd,
> pure-ftpd, rsyslog, samba, sendmail, sysklogd, syslog-ng, tcp_wrappers,
> vsftpd, xinetd.
>
> That being said, we believe it would be interesting if other people
> could have a look, just in case we missed something.

That's an impressive list above, thanks!

To add on the topic and aggregate the relevant news in this thread:

Today there's some talk about GHOST possibly being exploitable via web
apps, and in particular via the pingback feature in WordPress:

http://threatpost.com/php-applications-wordpress-subject-to-ghost-glibc-vulnerability/110755

Alexander