Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 3 Feb 2015 03:15:48 -0800
From: Qualys Security Advisory <qsa@...lys.com>
To: oss-security@...ts.openwall.com
Cc: const@...elinux.com
Subject: Re: workaround for GHOST glibc vulnerability
 CVE-2015-0235

On Tue, Feb 03, 2015 at 11:30:13AM +0100, Florian Weimer wrote:
> Why don't you hook gethostbyname?  I'm not sure if gethosybyname is
> implement in terms of gethostbyname_r.  (The call stacks I have suggest
> it isn't.)

Actually, gethostbyname() calls gethostbyname_r(), but before it does,
it calls the vulnerable function __nss_hostname_digits_dots(), so you're
right, this would still be exploitable.

With best regards,

-- 
the Qualys Security Advisory team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ