Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 27 Jan 2015 18:36:26 -0800
From: Qualys Security Advisory <qsa@...lys.com>
To: endrazine <endrazine@...il.com>
Cc: oss-security@...ts.openwall.com
Subject: Re: GHOST gethostbyname() heap overflow in glibc
 (CVE-2015-0235)

On Tue, Jan 27, 2015 at 05:47:47PM -0800, endrazine wrote:
> From GHOST.c :
> ...
>   char name[10];
>   memset(name, '0', len);
>   name[len] = '\0';
> ...

Interesting!  But where did you possibly get that code?  Every copy of
our advisory includes the original proof-of-concept, which is quite
different from what you are showing here:

...
  char name[sizeof(temp.buffer)];
...

References:

http://www.openwall.com/lists/oss-security/2015/01/27/9
https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt

And just in case:

$ md5sum GHOST.c
aa8dbce88e54027dbd4723ccd142f717  GHOST.c

With best regards,

-- 
the Qualys Security Advisory team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ