rhsa-2015_0101
Vulnerability from csaf_redhat
Published
2015-01-28 17:13
Modified
2024-11-05 18:44
Summary
Red Hat Security Advisory: glibc security update
Notes
Topic
Updated glibc packages that fix one security issue are now available for
Red Hat Enterprise Linux 4 Extended Life Cycle Support.
Red Hat Product Security has rated this update as having Critical security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
The glibc packages provide the standard C libraries (libc), POSIX thread
libraries (libpthread), standard math libraries (libm), and the Name
Server Caching Daemon (nscd) used by multiple programs on the system.
Without these libraries, the Linux system cannot function correctly.
A heap-based buffer overflow was found in glibc's
__nss_hostname_digits_dots() function, which is used by the gethostbyname()
and gethostbyname2() glibc function calls. A remote attacker able to make
an application call either of these functions could use this flaw to
execute arbitrary code with the permissions of the user running the
application. (CVE-2015-0235)
Red Hat would like to thank Qualys for reporting this issue.
All glibc users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated glibc packages that fix one security issue are now available for\nRed Hat Enterprise Linux 4 Extended Life Cycle Support.\n\nRed Hat Product Security has rated this update as having Critical security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.", "title": "Topic" }, { "category": "general", "text": "The glibc packages provide the standard C libraries (libc), POSIX thread\nlibraries (libpthread), standard math libraries (libm), and the Name\nServer Caching Daemon (nscd) used by multiple programs on the system.\nWithout these libraries, the Linux system cannot function correctly.\n\nA heap-based buffer overflow was found in glibc\u0027s\n__nss_hostname_digits_dots() function, which is used by the gethostbyname()\nand gethostbyname2() glibc function calls. A remote attacker able to make\nan application call either of these functions could use this flaw to\nexecute arbitrary code with the permissions of the user running the\napplication. (CVE-2015-0235)\n\nRed Hat would like to thank Qualys for reporting this issue.\n\nAll glibc users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2015:0101", "url": "https://access.redhat.com/errata/RHSA-2015:0101" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "1183461", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1183461" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_0101.json" } ], "title": "Red Hat Security Advisory: glibc security update", "tracking": { "current_release_date": "2024-11-05T18:44:46+00:00", "generator": { "date": "2024-11-05T18:44:46+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2015:0101", "initial_release_date": "2015-01-28T17:13:00+00:00", "revision_history": [ { "date": "2015-01-28T17:13:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2015-01-28T17:13:00+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T18:44:46+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AS (v. 4 ELS)", "product": { "name": "Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_els:4::as" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ES (v. 4 ELS)", "product": { "name": "Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_els:4::es" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "glibc-0:2.3.4-2.57.el4.2.i686", "product": { "name": "glibc-0:2.3.4-2.57.el4.2.i686", "product_id": "glibc-0:2.3.4-2.57.el4.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc@2.3.4-2.57.el4.2?arch=i686" } } }, { "category": "product_version", "name": "glibc-debuginfo-0:2.3.4-2.57.el4.2.i686", "product": { "name": "glibc-debuginfo-0:2.3.4-2.57.el4.2.i686", "product_id": "glibc-debuginfo-0:2.3.4-2.57.el4.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc-debuginfo@2.3.4-2.57.el4.2?arch=i686" } } }, { "category": "product_version", "name": "nptl-devel-0:2.3.4-2.57.el4.2.i686", "product": { "name": "nptl-devel-0:2.3.4-2.57.el4.2.i686", "product_id": "nptl-devel-0:2.3.4-2.57.el4.2.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/nptl-devel@2.3.4-2.57.el4.2?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "glibc-0:2.3.4-2.57.el4.2.x86_64", "product": { "name": "glibc-0:2.3.4-2.57.el4.2.x86_64", "product_id": "glibc-0:2.3.4-2.57.el4.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc@2.3.4-2.57.el4.2?arch=x86_64" } } }, { "category": "product_version", "name": "glibc-profile-0:2.3.4-2.57.el4.2.x86_64", "product": { "name": "glibc-profile-0:2.3.4-2.57.el4.2.x86_64", "product_id": "glibc-profile-0:2.3.4-2.57.el4.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc-profile@2.3.4-2.57.el4.2?arch=x86_64" } } }, { "category": "product_version", "name": "nptl-devel-0:2.3.4-2.57.el4.2.x86_64", "product": { "name": "nptl-devel-0:2.3.4-2.57.el4.2.x86_64", "product_id": "nptl-devel-0:2.3.4-2.57.el4.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nptl-devel@2.3.4-2.57.el4.2?arch=x86_64" } } }, { "category": "product_version", "name": "glibc-utils-0:2.3.4-2.57.el4.2.x86_64", "product": { "name": "glibc-utils-0:2.3.4-2.57.el4.2.x86_64", "product_id": "glibc-utils-0:2.3.4-2.57.el4.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc-utils@2.3.4-2.57.el4.2?arch=x86_64" } } }, { "category": "product_version", "name": "glibc-common-0:2.3.4-2.57.el4.2.x86_64", "product": { "name": "glibc-common-0:2.3.4-2.57.el4.2.x86_64", "product_id": "glibc-common-0:2.3.4-2.57.el4.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc-common@2.3.4-2.57.el4.2?arch=x86_64" } } }, { "category": "product_version", "name": "glibc-headers-0:2.3.4-2.57.el4.2.x86_64", "product": { "name": "glibc-headers-0:2.3.4-2.57.el4.2.x86_64", "product_id": "glibc-headers-0:2.3.4-2.57.el4.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc-headers@2.3.4-2.57.el4.2?arch=x86_64" } } }, { "category": "product_version", "name": "nscd-0:2.3.4-2.57.el4.2.x86_64", "product": { "name": "nscd-0:2.3.4-2.57.el4.2.x86_64", "product_id": "nscd-0:2.3.4-2.57.el4.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nscd@2.3.4-2.57.el4.2?arch=x86_64" } } }, { "category": "product_version", "name": "glibc-devel-0:2.3.4-2.57.el4.2.x86_64", "product": { "name": "glibc-devel-0:2.3.4-2.57.el4.2.x86_64", "product_id": "glibc-devel-0:2.3.4-2.57.el4.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc-devel@2.3.4-2.57.el4.2?arch=x86_64" } } }, { "category": "product_version", "name": "glibc-debuginfo-0:2.3.4-2.57.el4.2.x86_64", "product": { "name": "glibc-debuginfo-0:2.3.4-2.57.el4.2.x86_64", "product_id": "glibc-debuginfo-0:2.3.4-2.57.el4.2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc-debuginfo@2.3.4-2.57.el4.2?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "glibc-debuginfo-common-0:2.3.4-2.57.el4.2.i386", "product": { "name": "glibc-debuginfo-common-0:2.3.4-2.57.el4.2.i386", "product_id": "glibc-debuginfo-common-0:2.3.4-2.57.el4.2.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc-debuginfo-common@2.3.4-2.57.el4.2?arch=i386" } } }, { "category": "product_version", "name": "glibc-devel-0:2.3.4-2.57.el4.2.i386", "product": { "name": "glibc-devel-0:2.3.4-2.57.el4.2.i386", "product_id": "glibc-devel-0:2.3.4-2.57.el4.2.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc-devel@2.3.4-2.57.el4.2?arch=i386" } } }, { "category": "product_version", "name": "glibc-debuginfo-0:2.3.4-2.57.el4.2.i386", "product": { "name": "glibc-debuginfo-0:2.3.4-2.57.el4.2.i386", "product_id": "glibc-debuginfo-0:2.3.4-2.57.el4.2.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc-debuginfo@2.3.4-2.57.el4.2?arch=i386" } } }, { "category": "product_version", "name": "glibc-0:2.3.4-2.57.el4.2.i386", "product": { "name": "glibc-0:2.3.4-2.57.el4.2.i386", "product_id": "glibc-0:2.3.4-2.57.el4.2.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc@2.3.4-2.57.el4.2?arch=i386" } } }, { "category": "product_version", "name": "glibc-profile-0:2.3.4-2.57.el4.2.i386", "product": { "name": "glibc-profile-0:2.3.4-2.57.el4.2.i386", "product_id": "glibc-profile-0:2.3.4-2.57.el4.2.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc-profile@2.3.4-2.57.el4.2?arch=i386" } } }, { "category": "product_version", "name": "nptl-devel-0:2.3.4-2.57.el4.2.i386", "product": { "name": "nptl-devel-0:2.3.4-2.57.el4.2.i386", "product_id": "nptl-devel-0:2.3.4-2.57.el4.2.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/nptl-devel@2.3.4-2.57.el4.2?arch=i386" } } }, { "category": "product_version", "name": "glibc-utils-0:2.3.4-2.57.el4.2.i386", "product": { "name": "glibc-utils-0:2.3.4-2.57.el4.2.i386", "product_id": "glibc-utils-0:2.3.4-2.57.el4.2.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc-utils@2.3.4-2.57.el4.2?arch=i386" } } }, { "category": "product_version", "name": "glibc-common-0:2.3.4-2.57.el4.2.i386", "product": { "name": "glibc-common-0:2.3.4-2.57.el4.2.i386", "product_id": "glibc-common-0:2.3.4-2.57.el4.2.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc-common@2.3.4-2.57.el4.2?arch=i386" } } }, { "category": "product_version", "name": "glibc-headers-0:2.3.4-2.57.el4.2.i386", "product": { "name": "glibc-headers-0:2.3.4-2.57.el4.2.i386", "product_id": "glibc-headers-0:2.3.4-2.57.el4.2.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc-headers@2.3.4-2.57.el4.2?arch=i386" } } }, { "category": "product_version", "name": "nscd-0:2.3.4-2.57.el4.2.i386", "product": { "name": "nscd-0:2.3.4-2.57.el4.2.i386", "product_id": "nscd-0:2.3.4-2.57.el4.2.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/nscd@2.3.4-2.57.el4.2?arch=i386" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "glibc-0:2.3.4-2.57.el4.2.src", "product": { "name": "glibc-0:2.3.4-2.57.el4.2.src", "product_id": "glibc-0:2.3.4-2.57.el4.2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc@2.3.4-2.57.el4.2?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "glibc-0:2.3.4-2.57.el4.2.ia64", "product": { "name": "glibc-0:2.3.4-2.57.el4.2.ia64", "product_id": "glibc-0:2.3.4-2.57.el4.2.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc@2.3.4-2.57.el4.2?arch=ia64" } } }, { "category": "product_version", "name": "glibc-profile-0:2.3.4-2.57.el4.2.ia64", "product": { "name": "glibc-profile-0:2.3.4-2.57.el4.2.ia64", "product_id": "glibc-profile-0:2.3.4-2.57.el4.2.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc-profile@2.3.4-2.57.el4.2?arch=ia64" } } }, { "category": "product_version", "name": "nptl-devel-0:2.3.4-2.57.el4.2.ia64", "product": { "name": "nptl-devel-0:2.3.4-2.57.el4.2.ia64", "product_id": "nptl-devel-0:2.3.4-2.57.el4.2.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nptl-devel@2.3.4-2.57.el4.2?arch=ia64" } } }, { "category": "product_version", "name": "glibc-utils-0:2.3.4-2.57.el4.2.ia64", "product": { "name": "glibc-utils-0:2.3.4-2.57.el4.2.ia64", "product_id": "glibc-utils-0:2.3.4-2.57.el4.2.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc-utils@2.3.4-2.57.el4.2?arch=ia64" } } }, { "category": "product_version", "name": "glibc-common-0:2.3.4-2.57.el4.2.ia64", "product": { "name": "glibc-common-0:2.3.4-2.57.el4.2.ia64", "product_id": "glibc-common-0:2.3.4-2.57.el4.2.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc-common@2.3.4-2.57.el4.2?arch=ia64" } } }, { "category": "product_version", "name": "glibc-headers-0:2.3.4-2.57.el4.2.ia64", "product": { "name": "glibc-headers-0:2.3.4-2.57.el4.2.ia64", "product_id": "glibc-headers-0:2.3.4-2.57.el4.2.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc-headers@2.3.4-2.57.el4.2?arch=ia64" } } }, { "category": "product_version", "name": "nscd-0:2.3.4-2.57.el4.2.ia64", "product": { "name": "nscd-0:2.3.4-2.57.el4.2.ia64", "product_id": "nscd-0:2.3.4-2.57.el4.2.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nscd@2.3.4-2.57.el4.2?arch=ia64" } } }, { "category": "product_version", "name": "glibc-devel-0:2.3.4-2.57.el4.2.ia64", "product": { "name": "glibc-devel-0:2.3.4-2.57.el4.2.ia64", "product_id": "glibc-devel-0:2.3.4-2.57.el4.2.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc-devel@2.3.4-2.57.el4.2?arch=ia64" } } }, { "category": "product_version", "name": "glibc-debuginfo-0:2.3.4-2.57.el4.2.ia64", "product": { "name": "glibc-debuginfo-0:2.3.4-2.57.el4.2.ia64", "product_id": "glibc-debuginfo-0:2.3.4-2.57.el4.2.ia64", "product_identification_helper": { "purl": "pkg:rpm/redhat/glibc-debuginfo@2.3.4-2.57.el4.2?arch=ia64" } } } ], "category": "architecture", "name": "ia64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "glibc-0:2.3.4-2.57.el4.2.i386 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-0:2.3.4-2.57.el4.2.i386" }, "product_reference": "glibc-0:2.3.4-2.57.el4.2.i386", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-0:2.3.4-2.57.el4.2.i686 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-0:2.3.4-2.57.el4.2.i686" }, "product_reference": "glibc-0:2.3.4-2.57.el4.2.i686", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-0:2.3.4-2.57.el4.2.ia64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-0:2.3.4-2.57.el4.2.ia64" }, "product_reference": "glibc-0:2.3.4-2.57.el4.2.ia64", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-0:2.3.4-2.57.el4.2.src as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-0:2.3.4-2.57.el4.2.src" }, "product_reference": "glibc-0:2.3.4-2.57.el4.2.src", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-0:2.3.4-2.57.el4.2.x86_64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-0:2.3.4-2.57.el4.2.x86_64" }, "product_reference": "glibc-0:2.3.4-2.57.el4.2.x86_64", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-common-0:2.3.4-2.57.el4.2.i386 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-common-0:2.3.4-2.57.el4.2.i386" }, "product_reference": "glibc-common-0:2.3.4-2.57.el4.2.i386", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-common-0:2.3.4-2.57.el4.2.ia64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-common-0:2.3.4-2.57.el4.2.ia64" }, "product_reference": "glibc-common-0:2.3.4-2.57.el4.2.ia64", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-common-0:2.3.4-2.57.el4.2.x86_64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-common-0:2.3.4-2.57.el4.2.x86_64" }, "product_reference": "glibc-common-0:2.3.4-2.57.el4.2.x86_64", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-debuginfo-0:2.3.4-2.57.el4.2.i386 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.i386" }, "product_reference": "glibc-debuginfo-0:2.3.4-2.57.el4.2.i386", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-debuginfo-0:2.3.4-2.57.el4.2.i686 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.i686" }, "product_reference": "glibc-debuginfo-0:2.3.4-2.57.el4.2.i686", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-debuginfo-0:2.3.4-2.57.el4.2.ia64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.ia64" }, "product_reference": "glibc-debuginfo-0:2.3.4-2.57.el4.2.ia64", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-debuginfo-0:2.3.4-2.57.el4.2.x86_64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.x86_64" }, "product_reference": "glibc-debuginfo-0:2.3.4-2.57.el4.2.x86_64", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-debuginfo-common-0:2.3.4-2.57.el4.2.i386 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-debuginfo-common-0:2.3.4-2.57.el4.2.i386" }, "product_reference": "glibc-debuginfo-common-0:2.3.4-2.57.el4.2.i386", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-devel-0:2.3.4-2.57.el4.2.i386 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-devel-0:2.3.4-2.57.el4.2.i386" }, "product_reference": "glibc-devel-0:2.3.4-2.57.el4.2.i386", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-devel-0:2.3.4-2.57.el4.2.ia64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-devel-0:2.3.4-2.57.el4.2.ia64" }, "product_reference": "glibc-devel-0:2.3.4-2.57.el4.2.ia64", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-devel-0:2.3.4-2.57.el4.2.x86_64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-devel-0:2.3.4-2.57.el4.2.x86_64" }, "product_reference": "glibc-devel-0:2.3.4-2.57.el4.2.x86_64", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-headers-0:2.3.4-2.57.el4.2.i386 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-headers-0:2.3.4-2.57.el4.2.i386" }, "product_reference": "glibc-headers-0:2.3.4-2.57.el4.2.i386", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-headers-0:2.3.4-2.57.el4.2.ia64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-headers-0:2.3.4-2.57.el4.2.ia64" }, "product_reference": "glibc-headers-0:2.3.4-2.57.el4.2.ia64", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-headers-0:2.3.4-2.57.el4.2.x86_64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-headers-0:2.3.4-2.57.el4.2.x86_64" }, "product_reference": "glibc-headers-0:2.3.4-2.57.el4.2.x86_64", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-profile-0:2.3.4-2.57.el4.2.i386 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-profile-0:2.3.4-2.57.el4.2.i386" }, "product_reference": "glibc-profile-0:2.3.4-2.57.el4.2.i386", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-profile-0:2.3.4-2.57.el4.2.ia64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-profile-0:2.3.4-2.57.el4.2.ia64" }, "product_reference": "glibc-profile-0:2.3.4-2.57.el4.2.ia64", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-profile-0:2.3.4-2.57.el4.2.x86_64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-profile-0:2.3.4-2.57.el4.2.x86_64" }, "product_reference": "glibc-profile-0:2.3.4-2.57.el4.2.x86_64", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-utils-0:2.3.4-2.57.el4.2.i386 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-utils-0:2.3.4-2.57.el4.2.i386" }, "product_reference": "glibc-utils-0:2.3.4-2.57.el4.2.i386", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-utils-0:2.3.4-2.57.el4.2.ia64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-utils-0:2.3.4-2.57.el4.2.ia64" }, "product_reference": "glibc-utils-0:2.3.4-2.57.el4.2.ia64", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-utils-0:2.3.4-2.57.el4.2.x86_64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:glibc-utils-0:2.3.4-2.57.el4.2.x86_64" }, "product_reference": "glibc-utils-0:2.3.4-2.57.el4.2.x86_64", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nptl-devel-0:2.3.4-2.57.el4.2.i386 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:nptl-devel-0:2.3.4-2.57.el4.2.i386" }, "product_reference": "nptl-devel-0:2.3.4-2.57.el4.2.i386", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nptl-devel-0:2.3.4-2.57.el4.2.i686 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:nptl-devel-0:2.3.4-2.57.el4.2.i686" }, "product_reference": "nptl-devel-0:2.3.4-2.57.el4.2.i686", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nptl-devel-0:2.3.4-2.57.el4.2.ia64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:nptl-devel-0:2.3.4-2.57.el4.2.ia64" }, "product_reference": "nptl-devel-0:2.3.4-2.57.el4.2.ia64", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nptl-devel-0:2.3.4-2.57.el4.2.x86_64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:nptl-devel-0:2.3.4-2.57.el4.2.x86_64" }, "product_reference": "nptl-devel-0:2.3.4-2.57.el4.2.x86_64", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nscd-0:2.3.4-2.57.el4.2.i386 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:nscd-0:2.3.4-2.57.el4.2.i386" }, "product_reference": "nscd-0:2.3.4-2.57.el4.2.i386", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nscd-0:2.3.4-2.57.el4.2.ia64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:nscd-0:2.3.4-2.57.el4.2.ia64" }, "product_reference": "nscd-0:2.3.4-2.57.el4.2.ia64", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nscd-0:2.3.4-2.57.el4.2.x86_64 as a component of Red Hat Enterprise Linux AS (v. 4 ELS)", "product_id": "4AS-ELS:nscd-0:2.3.4-2.57.el4.2.x86_64" }, "product_reference": "nscd-0:2.3.4-2.57.el4.2.x86_64", "relates_to_product_reference": "4AS-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-0:2.3.4-2.57.el4.2.i386 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-0:2.3.4-2.57.el4.2.i386" }, "product_reference": "glibc-0:2.3.4-2.57.el4.2.i386", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-0:2.3.4-2.57.el4.2.i686 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-0:2.3.4-2.57.el4.2.i686" }, "product_reference": "glibc-0:2.3.4-2.57.el4.2.i686", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-0:2.3.4-2.57.el4.2.ia64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-0:2.3.4-2.57.el4.2.ia64" }, "product_reference": "glibc-0:2.3.4-2.57.el4.2.ia64", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-0:2.3.4-2.57.el4.2.src as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-0:2.3.4-2.57.el4.2.src" }, "product_reference": "glibc-0:2.3.4-2.57.el4.2.src", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-0:2.3.4-2.57.el4.2.x86_64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-0:2.3.4-2.57.el4.2.x86_64" }, "product_reference": "glibc-0:2.3.4-2.57.el4.2.x86_64", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-common-0:2.3.4-2.57.el4.2.i386 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-common-0:2.3.4-2.57.el4.2.i386" }, "product_reference": "glibc-common-0:2.3.4-2.57.el4.2.i386", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-common-0:2.3.4-2.57.el4.2.ia64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-common-0:2.3.4-2.57.el4.2.ia64" }, "product_reference": "glibc-common-0:2.3.4-2.57.el4.2.ia64", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-common-0:2.3.4-2.57.el4.2.x86_64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-common-0:2.3.4-2.57.el4.2.x86_64" }, "product_reference": "glibc-common-0:2.3.4-2.57.el4.2.x86_64", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-debuginfo-0:2.3.4-2.57.el4.2.i386 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.i386" }, "product_reference": "glibc-debuginfo-0:2.3.4-2.57.el4.2.i386", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-debuginfo-0:2.3.4-2.57.el4.2.i686 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.i686" }, "product_reference": "glibc-debuginfo-0:2.3.4-2.57.el4.2.i686", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-debuginfo-0:2.3.4-2.57.el4.2.ia64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.ia64" }, "product_reference": "glibc-debuginfo-0:2.3.4-2.57.el4.2.ia64", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-debuginfo-0:2.3.4-2.57.el4.2.x86_64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.x86_64" }, "product_reference": "glibc-debuginfo-0:2.3.4-2.57.el4.2.x86_64", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-debuginfo-common-0:2.3.4-2.57.el4.2.i386 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-debuginfo-common-0:2.3.4-2.57.el4.2.i386" }, "product_reference": "glibc-debuginfo-common-0:2.3.4-2.57.el4.2.i386", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-devel-0:2.3.4-2.57.el4.2.i386 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-devel-0:2.3.4-2.57.el4.2.i386" }, "product_reference": "glibc-devel-0:2.3.4-2.57.el4.2.i386", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-devel-0:2.3.4-2.57.el4.2.ia64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-devel-0:2.3.4-2.57.el4.2.ia64" }, "product_reference": "glibc-devel-0:2.3.4-2.57.el4.2.ia64", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-devel-0:2.3.4-2.57.el4.2.x86_64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-devel-0:2.3.4-2.57.el4.2.x86_64" }, "product_reference": "glibc-devel-0:2.3.4-2.57.el4.2.x86_64", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-headers-0:2.3.4-2.57.el4.2.i386 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-headers-0:2.3.4-2.57.el4.2.i386" }, "product_reference": "glibc-headers-0:2.3.4-2.57.el4.2.i386", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-headers-0:2.3.4-2.57.el4.2.ia64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-headers-0:2.3.4-2.57.el4.2.ia64" }, "product_reference": "glibc-headers-0:2.3.4-2.57.el4.2.ia64", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-headers-0:2.3.4-2.57.el4.2.x86_64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-headers-0:2.3.4-2.57.el4.2.x86_64" }, "product_reference": "glibc-headers-0:2.3.4-2.57.el4.2.x86_64", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-profile-0:2.3.4-2.57.el4.2.i386 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-profile-0:2.3.4-2.57.el4.2.i386" }, "product_reference": "glibc-profile-0:2.3.4-2.57.el4.2.i386", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-profile-0:2.3.4-2.57.el4.2.ia64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-profile-0:2.3.4-2.57.el4.2.ia64" }, "product_reference": "glibc-profile-0:2.3.4-2.57.el4.2.ia64", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-profile-0:2.3.4-2.57.el4.2.x86_64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-profile-0:2.3.4-2.57.el4.2.x86_64" }, "product_reference": "glibc-profile-0:2.3.4-2.57.el4.2.x86_64", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-utils-0:2.3.4-2.57.el4.2.i386 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-utils-0:2.3.4-2.57.el4.2.i386" }, "product_reference": "glibc-utils-0:2.3.4-2.57.el4.2.i386", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-utils-0:2.3.4-2.57.el4.2.ia64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-utils-0:2.3.4-2.57.el4.2.ia64" }, "product_reference": "glibc-utils-0:2.3.4-2.57.el4.2.ia64", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "glibc-utils-0:2.3.4-2.57.el4.2.x86_64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:glibc-utils-0:2.3.4-2.57.el4.2.x86_64" }, "product_reference": "glibc-utils-0:2.3.4-2.57.el4.2.x86_64", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nptl-devel-0:2.3.4-2.57.el4.2.i386 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:nptl-devel-0:2.3.4-2.57.el4.2.i386" }, "product_reference": "nptl-devel-0:2.3.4-2.57.el4.2.i386", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nptl-devel-0:2.3.4-2.57.el4.2.i686 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:nptl-devel-0:2.3.4-2.57.el4.2.i686" }, "product_reference": "nptl-devel-0:2.3.4-2.57.el4.2.i686", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nptl-devel-0:2.3.4-2.57.el4.2.ia64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:nptl-devel-0:2.3.4-2.57.el4.2.ia64" }, "product_reference": "nptl-devel-0:2.3.4-2.57.el4.2.ia64", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nptl-devel-0:2.3.4-2.57.el4.2.x86_64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:nptl-devel-0:2.3.4-2.57.el4.2.x86_64" }, "product_reference": "nptl-devel-0:2.3.4-2.57.el4.2.x86_64", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nscd-0:2.3.4-2.57.el4.2.i386 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:nscd-0:2.3.4-2.57.el4.2.i386" }, "product_reference": "nscd-0:2.3.4-2.57.el4.2.i386", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nscd-0:2.3.4-2.57.el4.2.ia64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:nscd-0:2.3.4-2.57.el4.2.ia64" }, "product_reference": "nscd-0:2.3.4-2.57.el4.2.ia64", "relates_to_product_reference": "4ES-ELS" }, { "category": "default_component_of", "full_product_name": { "name": "nscd-0:2.3.4-2.57.el4.2.x86_64 as a component of Red Hat Enterprise Linux ES (v. 4 ELS)", "product_id": "4ES-ELS:nscd-0:2.3.4-2.57.el4.2.x86_64" }, "product_reference": "nscd-0:2.3.4-2.57.el4.2.x86_64", "relates_to_product_reference": "4ES-ELS" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-0235", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "discovery_date": "2015-01-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1183461" } ], "notes": [ { "category": "description", "text": "A heap-based buffer overflow was found in glibc\u0027s __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application.", "title": "Vulnerability description" }, { "category": "summary", "text": "glibc: __nss_hostname_digits_dots() heap-based buffer overflow", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-ELS:glibc-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-0:2.3.4-2.57.el4.2.i686", "4AS-ELS:glibc-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:glibc-0:2.3.4-2.57.el4.2.src", "4AS-ELS:glibc-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:glibc-common-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-common-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:glibc-common-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.i686", "4AS-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:glibc-debuginfo-common-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-devel-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-devel-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:glibc-devel-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:glibc-headers-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-headers-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:glibc-headers-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:glibc-profile-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-profile-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:glibc-profile-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:glibc-utils-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-utils-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:glibc-utils-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:nptl-devel-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:nptl-devel-0:2.3.4-2.57.el4.2.i686", "4AS-ELS:nptl-devel-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:nptl-devel-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:nscd-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:nscd-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:nscd-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:glibc-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-0:2.3.4-2.57.el4.2.i686", "4ES-ELS:glibc-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:glibc-0:2.3.4-2.57.el4.2.src", "4ES-ELS:glibc-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:glibc-common-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-common-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:glibc-common-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.i686", "4ES-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:glibc-debuginfo-common-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-devel-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-devel-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:glibc-devel-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:glibc-headers-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-headers-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:glibc-headers-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:glibc-profile-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-profile-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:glibc-profile-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:glibc-utils-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-utils-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:glibc-utils-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:nptl-devel-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:nptl-devel-0:2.3.4-2.57.el4.2.i686", "4ES-ELS:nptl-devel-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:nptl-devel-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:nscd-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:nscd-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:nscd-0:2.3.4-2.57.el4.2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-0235" }, { "category": "external", "summary": "RHBZ#1183461", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1183461" }, { "category": "external", "summary": "RHSB-ghost", "url": "https://access.redhat.com/security/vulnerabilities/ghost" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-0235", "url": "https://www.cve.org/CVERecord?id=CVE-2015-0235" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-0235", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0235" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2015/01/27/9", "url": "http://www.openwall.com/lists/oss-security/2015/01/27/9" }, { "category": "external", "summary": "https://access.redhat.com/articles/1332213", "url": "https://access.redhat.com/articles/1332213" }, { "category": "external", "summary": "https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability", "url": "https://community.qualys.com/blogs/laws-of-vulnerabilities/2015/01/27/the-ghost-vulnerability" } ], "release_date": "2015-01-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2015-01-28T17:13:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "4AS-ELS:glibc-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-0:2.3.4-2.57.el4.2.i686", "4AS-ELS:glibc-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:glibc-0:2.3.4-2.57.el4.2.src", "4AS-ELS:glibc-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:glibc-common-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-common-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:glibc-common-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.i686", "4AS-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:glibc-debuginfo-common-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-devel-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-devel-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:glibc-devel-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:glibc-headers-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-headers-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:glibc-headers-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:glibc-profile-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-profile-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:glibc-profile-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:glibc-utils-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-utils-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:glibc-utils-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:nptl-devel-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:nptl-devel-0:2.3.4-2.57.el4.2.i686", "4AS-ELS:nptl-devel-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:nptl-devel-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:nscd-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:nscd-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:nscd-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:glibc-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-0:2.3.4-2.57.el4.2.i686", "4ES-ELS:glibc-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:glibc-0:2.3.4-2.57.el4.2.src", "4ES-ELS:glibc-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:glibc-common-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-common-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:glibc-common-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.i686", "4ES-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:glibc-debuginfo-common-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-devel-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-devel-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:glibc-devel-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:glibc-headers-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-headers-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:glibc-headers-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:glibc-profile-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-profile-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:glibc-profile-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:glibc-utils-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-utils-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:glibc-utils-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:nptl-devel-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:nptl-devel-0:2.3.4-2.57.el4.2.i686", "4ES-ELS:nptl-devel-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:nptl-devel-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:nscd-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:nscd-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:nscd-0:2.3.4-2.57.el4.2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2015:0101" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-ELS:glibc-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-0:2.3.4-2.57.el4.2.i686", "4AS-ELS:glibc-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:glibc-0:2.3.4-2.57.el4.2.src", "4AS-ELS:glibc-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:glibc-common-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-common-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:glibc-common-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.i686", "4AS-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:glibc-debuginfo-common-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-devel-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-devel-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:glibc-devel-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:glibc-headers-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-headers-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:glibc-headers-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:glibc-profile-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-profile-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:glibc-profile-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:glibc-utils-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:glibc-utils-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:glibc-utils-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:nptl-devel-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:nptl-devel-0:2.3.4-2.57.el4.2.i686", "4AS-ELS:nptl-devel-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:nptl-devel-0:2.3.4-2.57.el4.2.x86_64", "4AS-ELS:nscd-0:2.3.4-2.57.el4.2.i386", "4AS-ELS:nscd-0:2.3.4-2.57.el4.2.ia64", "4AS-ELS:nscd-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:glibc-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-0:2.3.4-2.57.el4.2.i686", "4ES-ELS:glibc-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:glibc-0:2.3.4-2.57.el4.2.src", "4ES-ELS:glibc-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:glibc-common-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-common-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:glibc-common-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.i686", "4ES-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:glibc-debuginfo-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:glibc-debuginfo-common-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-devel-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-devel-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:glibc-devel-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:glibc-headers-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-headers-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:glibc-headers-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:glibc-profile-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-profile-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:glibc-profile-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:glibc-utils-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:glibc-utils-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:glibc-utils-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:nptl-devel-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:nptl-devel-0:2.3.4-2.57.el4.2.i686", "4ES-ELS:nptl-devel-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:nptl-devel-0:2.3.4-2.57.el4.2.x86_64", "4ES-ELS:nscd-0:2.3.4-2.57.el4.2.i386", "4ES-ELS:nscd-0:2.3.4-2.57.el4.2.ia64", "4ES-ELS:nscd-0:2.3.4-2.57.el4.2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "glibc: __nss_hostname_digits_dots() heap-based buffer overflow" } ] }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.