CVE-2015-0235 PoC — GNU glibc 基于堆的缓冲区错误漏洞

Source

https://github.com/1and1-serversupport/ghosttester

Associated Vulnerability

Title:GNU glibc 基于堆的缓冲区错误漏洞 (CVE-2015-0235)
Description:GNU glibc（又名GNU C Library，libc6）是一种按照LGPL许可协议发布的开源免费的C语言编译程序。 GNU glibc 2.2版本和2.18之前2.x版本中的‘__nss_hostname_digits_dots’函数存在基于堆的缓冲区溢出漏洞。本地和远程攻击者都可通过调用‘ gethostbyname*()’函数利用该漏洞以运行应用程序的用户权限执行任意代码，控制系统。

Description

Script to test vulnarability for CVE-2015-0235

Readme

### Testing Script for the Glibc GHOST Vulnerability # CVE-2015-0235

A little script I found to test the Glibc GHOST Vulnerability # CVE-2015-0235.
The usage is quite simple. Just clone or download the script to your server/desktop and
start it like this:

#### Debian/Ubuntu

    gcc ghosttest.c -o ghosttest

or:

    ./ghosttest.c

#### CentOS/RHEL/Suse

    ./ghosttest.sh

If your server/desktop is vulnerable you should perform an updata **ASAP**.

The pathced Version should be **glibc-2.12-1.149.el6_6.5.x86_64** or **glibc-2.12-1.149.el6_6.5.i686**.

On CentOS/RHEL/Suse you can find the version like this:

    rpm -q glibc

On Debian/Ubuntu you can use this command:

    aptitude show libc6 | grep Version

To fix the vulnerability just run an update, patches have been released.

Credit goes to: http://www.cyberciti.biz/faq/cve-2015-0235-patch-ghost-on-debian-ubuntu-fedora-centos-rhel-linux/

File Snapshot


 [4.0K]  /data/pocs/4b3900f1398e16d8785da8f9c498b190f25828a4
├── [1.0K]  ghosttest.c
├── [1.0K]  ghosttest.sh
└── [ 908]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!