DEBIAN-CVE-2015-0235

Advisory lineage Upstream: 1 Downstream: 2

Upstream

CVE-2015-0235

Downstream

DLA-139-1 DSA-3142-1

Published: 28 Jan 2015, 19:59

Last modified:28 Apr 2026, 20:14

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

28 Jan 2015, 19:59

Published

Vulnerability first disclosed

28 Apr 2026, 20:14

Last Modified

Vulnerability information updated

Description

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

Affected Systems

debian•glibc
< 2.18-1 | < 2.18-1 | < 2.18-1 | < 2.18-1

References (1)

https://security-tracker.debian.org/tracker/CVE-2015-0235