List:       oss-security
Subject:    Re: [oss-security] R: [oss-security] GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)
From:       Ammar Brohi <brohiammar () gmail ! com>
Date:       2015-01-31 11:11:21
Message-ID: CA+Qk1jbSf=8bHoQdw+qT7vGkRh-ZAbs4v2TLhDySUAtKeo0oEg () mail ! gmail ! com


I wonder how to detect this vulnerability? Any remote or local script to
run?

Thanks,

On Fri, Jan 30, 2015 at 3:54 PM, linkbc02 <linkbc02@outlook.com> wrote:

> |If you try upgrading glibc and the issue goes away, _that_ would be a
> |reason to suspect relevance.
>
> Hi, already done
>
>
> # rpm -q glibc
> glibc-2.12-1.132.el6_5.2.x86_64
> glibc-2.12-1.132.el6_5.2.i686
>
> # yum update glibc
>
>
> # rpm -q glibc
> glibc-2.12-1.149.el6_6.5.x86_64
> glibc-2.12-1.149.el6_6.5.i686
>
>
>
> # /etc/init.d/dovecot restart
>
>
> # telnet localhost 143
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
> STARTTLS AUTH=PLAIN AUTH=LOGIN] IMAP ready.
> 1 login
>
> 00000000000000000000000000000000000000000000000000000000000000000000000000-c
> utted-
>
>
> BAD Error in IMAP command received by server.
>
> * BAD Error in IMAP command received by server.
>
>
> # dmesg no longer shows a segfault and core dump
>
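
The quoted session updates glibc and then restarts dovecot; a process started before the update keeps the old library mapped until it is restarted. As an added example (not part of the original thread), this script lists processes whose libc mapping in /proc/<pid>/maps is marked "(deleted)"; the function names and sample lines are constructed, and the libc path pattern is an assumption.

```shell
#!/bin/sh
# Added example: find processes that still map the pre-update glibc.
# Function names and the sample lines are constructed for illustration.

# Reads /proc/<pid>/maps text on stdin; succeeds if a libc mapping is
# marked "(deleted)", i.e. the file on disk was replaced after the process
# started. The path pattern (libc-2.12.so, libc.so.6) is an assumption.
stale_libc_in_maps() {
    grep -Eq '/libc[-.]([0-9.]+\.)?so[^ ]* \(deleted\)$'
}

# Prints "<pid> <name>" for every process under the given proc root
# (default /proc) that still maps a replaced libc.
list_stale_libc_pids() {
    procroot="${1:-/proc}"
    for maps in "$procroot"/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        if cat "$maps" 2>/dev/null | stale_libc_in_maps; then
            piddir="${maps%/maps}"
            name="$(cat "$piddir/comm" 2>/dev/null || echo '?')"
            printf '%s %s\n' "${piddir##*/}" "$name"
        fi
    done
}

# Constructed maps excerpt: a daemon started before "yum update glibc".
sample_maps() {
    cat <<'EOF'
00400000-004b2000 r-xp 00000000 fd:00 393301 /usr/sbin/dovecot
7f3a1c000000-7f3a1c18a000 r-xp 00000000 fd:00 131093 /lib64/libc-2.12.so (deleted)
7f3a1c5a0000-7f3a1c5c0000 r-xp 00000000 fd:00 131080 /lib64/ld-2.12.so
EOF
}

if sample_maps | stale_libc_in_maps; then
    echo "constructed sample: process still maps the old libc, restart it"
fi

# Real scan; run as root to see every process.
list_stale_libc_pids "${1:-/proc}"
```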

