Date: Sat, 31 Jan 2015 16:11:21 +0500
From: Ammar Brohi <brohiammar@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: R: GHOST gethostbyname() heap overflow in glibc (CVE-2015-0235)

I wonder how to detect this vulnerability? Any remote or local script to
run?

Thanks,

On Fri, Jan 30, 2015 at 3:54 PM, linkbc02 <linkbc02@...look.com> wrote:

> |If you try upgrading glibc and the issue goes away, _that_ would be a
> |reason to suspect relevance.
>
> Hi, already done
>
>
> # rpm -q glibc
> glibc-2.12-1.132.el6_5.2.x86_64
> glibc-2.12-1.132.el6_5.2.i686
>
> # yum update glibc
>
>
> # rpm -q glibc
> glibc-2.12-1.149.el6_6.5.x86_64
> glibc-2.12-1.149.el6_6.5.i686
>
>
>
> # /etc/init.d/dovecot restart
>
>
> # telnet localhost 143
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
> STARTTLS AUTH=PLAIN AUTH=LOGIN] IMAP ready.
> 1 login
>
> 00000000000000000000000000000000000000000000000000000000000000000000000000-c
> utted-
>
>
> BAD Error in IMAP command received by server.
>
> * BAD Error in IMAP command received by server.
>
>
> #dmesg doesn't show anymore segfault and core dump
>
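
A local check for the two conditions the quoted procedure depends on (glibc package updated, daemon restarted afterwards), as an added example that is not part of the original message or of any participant's tooling. The fixed build string is the one shown in the quoted `rpm -q glibc` output; the function names and the sample `/proc` tree are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. FIXED_EL6 is the updated el6 build shown in
# the quoted "rpm -q glibc" output; other releases and distros need their own value.
FIXED_EL6="2.12-1.149.el6_6.5"

# glibc_pkg_fixed VERSION-RELEASE: true if the build is FIXED_EL6 or newer.
# Uses GNU "sort -V" as an approximation of RPM's version ordering.
glibc_pkg_fixed() {
    lowest=$(printf '%s\n%s\n' "$1" "$FIXED_EL6" | sort -V | head -n 1)
    [ "$lowest" = "$FIXED_EL6" ]
}

# maps_has_stale_libc FILE: true if FILE (/proc/PID/maps format) still maps a libc
# that was replaced on disk; the kernel marks such mappings "(deleted)".
maps_has_stale_libc() {
    grep -Eq '/libc(-[0-9.]+)?\.so[^/]* \(deleted\)$' "$1"
}

# stale_libc_pids [PROCROOT]: print "PID NAME" for every process still running on
# the pre-update libc, i.e. every daemon that still needs a restart.
stale_libc_pids() {
    root=${1:-/proc}
    for maps in "$root"/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        maps_has_stale_libc "$maps" || continue
        dir=${maps%/maps}
        name=$(cat "$dir/comm" 2>/dev/null || echo '?')
        echo "${dir##*/} $name"
    done
}

# make_sample_proc DIR: constructed /proc-like tree for an offline dry run.
make_sample_proc() {
    mkdir -p "$1/1201" "$1/1350"
    echo dovecot > "$1/1201/comm"
    echo sshd > "$1/1350/comm"
    echo '7f3a1c000000-7f3a1c18a000 r-xp 00000000 fd:00 1311 /lib64/libc-2.12.so (deleted)' > "$1/1201/maps"
    echo '7f9b2e000000-7f9b2e18a000 r-xp 00000000 fd:00 2044 /lib64/libc-2.12.so' > "$1/1350/maps"
}

# Live use (as root, so every process's maps file is readable): sh thisfile --scan
if [ "${1:-}" = "--scan" ]; then
    glibc_pkg_fixed "$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' glibc | head -n 1)" \
        || echo "glibc package is older than $FIXED_EL6"
    stale_libc_pids /proc
fi
```

Statically linked binaries do not map the shared libc and are not covered by the mapping check.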
