CVE-2015-0235
Description
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka GHOST.
Risk Information
Base Score: 9.8 (MODERATE)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score (Exploitation Probability): 86.662
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in Oracle VM VirtualBox 5.1.22 | Windows |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.6 Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.6 Combo Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.5 Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.5 Combo Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.4 Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.4 Combo Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.3 Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.2 Update | Mac |
| Multiple vulnerabilities are fixed in OS X El Capitan 10.11.1 Update | Mac |
| Vulnerabilities CVE-2015-0235 are affected in Box For MAC 5.1.22 | Mac |
| Vulnerabilities CVE-2015-0235 are affected in VirtualBox for MAC 5.1.22 | Mac |
| GNU C Library (USN-2485-1) libc6_2.15-0ubuntu10.11_i386.deb | Linux |
| GNU C Library (USN-2485-1) libc6_2.15-0ubuntu10.11_amd64.deb | Linux |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Digital Content Manager (DCM) Software | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Emergency Responder | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Finesse | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Intercloud Fabric | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Jabber Guest | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco MediaSense | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Mobility Services Engine | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Paging Server | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Prime Infrastructure | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco SocialMiner | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Telepresence Conductor | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco TelePresence MPS Series | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco TelePresence Multipoint Switch | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Unified Contact Center Express | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Unified Intelligence Center | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Unified SIP Proxy | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Unity Connection | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco IronPort Encryption Appliance Software | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For CiscoPro Workgroup EtherSwitch Software | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Application Policy Infrastructure Controller (APIC) | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco ASR 5000 Series | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco UCS Central Software | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For CiscoWorks LMS Portal | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Network Registrar | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Prime Network Analysis Module Software | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Virtual Wireless Controller | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Network Convergence System 6000 Series Routers | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco TelePresence Exchange System | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco TelePresence System 1000 | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Unified Communications Licensing | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Digital Media Manager | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Telepresence Integrator C Series | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco IPICS Server Software | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Videoscape Distribution Suite for Internet Streaming | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Enterprise CDN Software | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco ACE GSS 4400 Series Global Site Selector Appliances | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Wide Area Application Services (WAAS) Appliances | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco ASA Next-Generation Firewall Services | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Support Tools | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Physical Access Gateways | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Video Surveillance 4000 Series IP Cameras | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Video Surveillance Manager | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Router Security | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Small Business Voice Gateways and ATAs | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco IPS 4200 Series Sensors | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Conductor | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For MPEG-4 Encoders | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Videoscape Distribution Suite Transparent Caching | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco ASR 1000 Series Aggregation Services Routers | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco SCE 8000 Series Service Control Engine | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Unified Communications Manager (CallManager) | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Hosted Collaboration Solution (HCS) | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Unified MeetingPlace | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Virtualization Experience Client 6000 Series | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco IP Phone 7800 Series | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco Nexus 1000V Switch for VMware vSphere | NCM |
| GNU glibc gethostbyname Function Buffer Overflow Vulnerability For Cisco TelePresence System 3000 Series | NCM |
| Out-of-bounds Write Vulnerability (CVE-2015-0235) | NCM |
Patch Details
Patches provided by ManageEngine for this CVE:
| Patch ID | Patch Description |
|---|---|
| PATCH-1706007 | Security Update for Cisco Digital Content Manager (DCM) Software 20.0.0 |
| PATCH-1706049 | Security Update for Cisco Emergency Responder 12.0(0.98000.50) |
| PATCH-1705887 | Security Update for Cisco Finesse 11.5(0.98000.126) |
| PATCH-1705855 | Security Update for Cisco Intercloud Fabric 3.3(1) |
| PATCH-1705783 | Security Update for Cisco Jabber Guest 10.6(11) |
| PATCH-1705879 | Security Update for Cisco MediaSense 11.5(1.10000.6) |
| PATCH-1705808 | Security Update for Cisco Mobility Services Engine 8.0(130.12) |
| PATCH-1706011 | Security Update for Cisco Paging Server 12.0(1) |
| PATCH-1705595 | Security Update for Cisco Prime Infrastructure 2.2(2) |
| PATCH-1704708 | Security Update for Cisco SocialMiner 12.0(0.99000.293) |
| PATCH-1705862 | Security Update for Cisco TelePresence Conductor XC4.3 |
| PATCH-1702375 | Security Update for Cisco TelePresence MPS Series 10.0(2) |
| PATCH-1702381 | Security Update for Cisco TelePresence Multipoint Switch 10.0(2) |
| PATCH-1706052 | Security Update for Cisco Unified Contact Center Express 11.6(1) |
| PATCH-1705886 | Security Update for Cisco Unified Intelligence Center 11.5(0.98000.126) |
| PATCH-1705497 | Security Update for Cisco Unified SIP Proxy 8.5(5) |
| PATCH-1706048 | Security Update for Cisco Unity Connection 12.0(0.97000.184) |
| PATCH-1706035 | Security Update for CiscoPro Workgroup EtherSwitch Software 6.0(2)A8(4) |
| PATCH-1706006 | Security Update for Cisco Application Policy Infrastructure Controller (APIC) 1.3(2k) |
| PATCH-1706032 | Security Update for Cisco ASR 5000 Series 21.3.A0.66703 |
| PATCH-1705950 | Security Update for Cisco UCS Central Software 2.0(1a) |
| PATCH-1706038 | Security Update for Cisco Network Registrar 9.1 |
| PATCH-1706008 | Security Update for Cisco Prime Network Analysis Module Software 6.2(3) |
| PATCH-1705937 | Security Update for Cisco Virtual Wireless Controller 8.3(15.155) |
| PATCH-1705630 | Security Update for Cisco Network Convergence System 6000 Series Routers 6.1.4 |
| PATCH-1706042 | Security Update for Cisco Unified Communications Licensing 11.5(1.12001.2) |
| PATCH-1705797 | Security Update for Cisco Digital Media Manager 5.6.3 |
| PATCH-1706043 | Security Update for Cisco Telepresence Integrator C Series 9.1.1 |
| PATCH-1705988 | Security Update for Cisco IPICS Server Software 4.10(2) |
| PATCH-1705993 | Security Update for Cisco Videoscape Distribution Suite for Internet Streaming 3.11(6.2) |
| PATCH-1705827 | Security Update for Cisco Enterprise CDN Software 5.5(41.2) |
| PATCH-1706001 | Security Update for Cisco Wide Area Application Services (WAAS) Appliances 6.3(0.185) |
| PATCH-1705897 | Security Update for Cisco ASA Next-Generation Firewall Services 100.6(0.0.181) |
| PATCH-1705964 | Security Update for Cisco Video Surveillance 4000 Series IP Cameras 2.4(6.310) |
| PATCH-1706045 | Security Update for Cisco Video Surveillance Manager 7.10 |
| PATCH-1702213 | Security Update for Cisco Small Business Voice Gateways and ATAs 7.6.2SR5 |
| PATCH-1705754 | Security Update for Cisco IPS 4200 Series Sensors 7.3(5)P1 |
| PATCH-1705867 | Security Update for Cisco Conductor 3.600 |
| PATCH-1706026 | Security Update for CAF-1.2.0.0 |
| PATCH-1705898 | Security Update for Cisco ASR 1000 Series Aggregation Services Routers Denali-16.3.4a |
| PATCH-1706016 | Security Update for Cisco Unified Communications Manager (CallManager) CUP.11.5(1.12900.25) |
| PATCH-1706050 | Security Update for Cisco Hosted Collaboration Solution (HCS) 11.5(1.93540.24) |
| PATCH-1705973 | Security Update for Cisco Unified MeetingPlace 8.6(2.45) |
| PATCH-1705446 | Security Update for Cisco Virtualization Experience Client 6000 Series 9.3(0) |
| PATCH-1705975 | Security Update for Cisco IP Phone 7800 Series 11.7(1) |
| PATCH-1705949 | Security Update for Cisco Nexus 1000V Switch for VMware vSphere 5.2(1)SV3(3.1) |
| PATCH-1705615 | Security Update for Cisco TelePresence System 3000 Series 1.9.10:5 |
| PATCH-342239 | Oracle VM VirtualBox (7.1.4) |
| PATCH-600753 | OS X El Capitan 10.11.6 Update |
| PATCH-600754 | OS X El Capitan 10.11.6 Combo Update |
| PATCH-612038 | VirtualBox for MAC (Apple Silicon) (7.2.2) |