oss-sec mailing list archives

R: [oss-security] GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)


From: linkbc02 <linkbc02 () outlook com>
Date: Fri, 30 Jan 2015 11:09:01 +0100

Sorry Alexander, I quoted the wrong one.
I can confirm that Dovecot, at least, crashed. I also asked Timo S., who is
digging into it.
Screenshot
http://goo.gl/JwhWIf



|-----Original Message-----
|From: Solar Designer [mailto:solar () openwall com]
|Sent: Friday, January 30, 2015 10:47
|To: oss-security () lists openwall com
|Cc: linkbc02
|Subject: Re: [oss-security] GHOST gethostbyname() heap overflow in glibc
|(CVE-2015-0235)
|
|On Fri, Jan 30, 2015 at 10:24:56AM +0100, linkbc02 wrote:
|> Dovecot: It seems that libdovecot-storage.so can be triggered and you can
|> read the core dump
|>
|> imap[29914]: segfault at 0 ip 00007f1e525263a0 sp 00007fffaeed7818
|>  error 4 in libdovecot-storage.so.0.0.0[7f1e5249e000+10f000]
|
|I reluctantly approved the above posting even though it contains no
|indication this has anything to do with GHOST, and it bottom-quotes a
|mostly irrelevant message (latest one from the thread).
|
|linkbc02, if you have any reason to believe this is relevant to GHOST,
|then please explain.  And if you have no such reason, then please also
|state so, and we'll more confidently disregard this false alarm. ;-)
|
|Alexander

